Attacks on application programming interfaces (APIs) are becoming more frequent, more sophisticated, and grander in scale. In fact, 108 billion API attacks were recorded from January 2023 through June 2024, according to a recent Akamai State of the Internet (SOTI) report.

And yet, despite the rapid proliferation of APIs in the enterprise and the access to sensitive data that many of these APIs require, research indicates that securing them has not been a top priority for most security teams. As organizations struggle with poor visibility into APIs and their risks, the findings align with industry concerns that enterprises lack centralized responsibility for API security, from tracking vulnerabilities to measuring the impact of breaches.