Monthly API security breaches occurred in the organizations of 20% of developers and API professionals, even though 51% noted that over half of the development efforts of their organizations have been directed toward APIs, VentureBeat reports.
Elevated API security incidence noted in the Postman study should prompt organizations to bolster API identification and security efforts. Inadequately protected shadow or published APIs may be causing more frequent API security incidents among some companies, which may also have more legacy systems and a lacking understanding of the API landscape, according to Postman CEO Abhinav Asthana.
Asthana added that increasing mobile app prevalence has also emphasized the importance of increased API transparency and visibility.
"Many mobile apps have a number of backend APIs used to support it and they are often overlooked. Attackers have been abusing these backend mobile APIs for quite some time because they are often not secured and provide much more valuable content. You cant protect what you dont know about," said Asthana.