Accessibility Statement Skip Navigation
  • Resources
  • Blog
  • Journalists
  • +44 (0)20 7454 5110
  • Client Login
  • Send a Release
Return to PR Newswire homepage
  • News
  • Products
  • Contact
When typing in this field, a list of search results will appear and be automatically updated as you type.

Searching for your content...

No results found. Please change your search terms and try again.
  • News in Focus
      • Browse News Releases

      • All Public Company News
      • All Multimedia News
      • View All News Releases

      • Regulatory News

      • D/A/CH Regulatory News
      • UK Regulatory News
      • View All Regulatory News

  • Business & Money
      • Auto & Transportation

      • Aerospace & Defense
      • Air Freight
      • Airlines & Aviation
      • Automotive
      • Maritime & Shipbuilding
      • Railroads & Intermodal Transportation
      • Supply Chain/Logistics
      • Transportation, Trucking & Railroad
      • Travel
      • Trucking & Road Transportation
      • View All Auto & Transportation

      • Business Technology

      • Blockchain
      • Broadcast Tech
      • Computer & Electronics
      • Computer Hardware
      • Computer Software
      • Data Analytics
      • Electronic Commerce
      • Electronic Components
      • Electronic Design Automation
      • Financial Technology
      • High Tech Security
      • Internet Technology
      • Nanotechnology
      • Networks
      • Peripherals
      • Semiconductors
      • View All Business Technology

      • Entertain­ment & Media

      • Advertising
      • Art
      • Books
      • Entertainment
      • Film & Motion Picture
      • Magazines
      • Music
      • Publishing & Information Services
      • Radio & Podcast
      • Television
      • View All Entertain­ment & Media

      • Financial Services & Investing

      • Accounting News & Issues
      • Acquisitions, Mergers & Takeovers
      • Banking & Financial Services
      • Bankruptcy
      • Bond & Stock Ratings
      • Conference Call Announcements
      • Contracts
      • Cryptocurrency
      • Dividends
      • Earnings
      • Earnings Forecasts & Projections
      • Financing Agreements
      • Insurance
      • Investments Opinions
      • Joint Ventures
      • Mutual Funds
      • Private Placement
      • Real Estate
      • Restructuring & Recapitalisation
      • Sales Reports
      • Shareholder Activism
      • Shareholder Meetings
      • Stock Offering
      • Stock Split
      • Venture Capital
      • View All Financial Services & Investing

      • General Business

      • Awards
      • Commercial Real Estate
      • Corporate Expansion
      • Earnings
      • Environmental, Social and Governance (ESG)
      • Human Resource & Workforce Management
      • Licensing
      • New Products & Services
      • Obituaries
      • Outsourcing Businesses
      • Overseas Real Estate (non-US)
      • Personnel Announcements
      • Real Estate Transactions
      • Residential Real Estate
      • Small Business Services
      • Socially Responsible Investing
      • Surveys, Polls & Research
      • Trade Show News
      • View All General Business

  • Science & Tech
      • Consumer Technology

      • Artificial Intelligence
      • Blockchain
      • Cloud Computing/Internet of Things
      • Computer Electronics
      • Computer Hardware
      • Computer Software
      • Consumer Electronics
      • Cryptocurrency
      • Data Analytics
      • Electronic Commerce
      • Electronic Gaming
      • Financial Technology
      • Mobile Entertainment
      • Multimedia & Internet
      • Peripherals
      • Social Media
      • STEM (Science, Tech, Engineering, Math)
      • Supply Chain/Logistics
      • Wireless Communications
      • View All Consumer Technology

      • Energy & Natural Resources

      • Alternative Energies
      • Chemical
      • Electrical Utilities
      • Gas
      • General Manufacturing
      • Mining
      • Mining & Metals
      • Oil & Energy
      • Oil & Gas Discoveries
      • Utilities
      • Water Utilities
      • View All Energy & Natural Resources

      • Environ­ment

      • Conservation & Recycling
      • Environmental Issues
      • Environmental Policy
      • Environmental Products & Services
      • Green Technology
      • Natural Disasters
      • View All Environ­ment

      • Heavy Industry & Manufacturing

      • Aerospace & Defence
      • Agriculture
      • Chemical
      • Construction & Building
      • General Manufacturing
      • HVAC (Heating, Ventilation & Air-Conditioning)
      • Machinery
      • Machine Tools, Metalworking & Metallurgy
      • Mining
      • Mining & Metals
      • Paper, Forest Products & Containers
      • Precious Metals
      • Textiles
      • Tobacco
      • View All Heavy Industry & Manufacturing

      • Telecomm­unications

      • Carriers & Services
      • Mobile Entertainment
      • Networks
      • Peripherals
      • Telecommunications Equipment
      • Telecommunications Industry
      • VoIP (Voice over Internet Protocol)
      • Wireless Communications
      • View All Telecomm­unications

  • Lifestyle & Health
      • Consumer Products & Retail

      • Animals & Pets
      • Beers, Wines & Spirits
      • Beverages
      • Bridal Services
      • Cannabis
      • Cosmetics & Personal Care
      • Fashion
      • Food & Beverages
      • Furniture & Furnishings
      • Home Improvement
      • Household, Consumer & Cosmetics
      • Household Products
      • Jewellery
      • Non-Alcoholic Beverages
      • Office Products
      • Organic Food
      • Product Recalls
      • Restaurants
      • Retail
      • Supermarkets
      • Toys
      • View All Consumer Products & Retail

      • Entertain­ment & Media

      • Advertising
      • Art
      • Books
      • Entertainment
      • Film & Motion Picture
      • Magazines
      • Music
      • Publishing & Information Services
      • Radio & Podcast
      • Television
      • View All Entertain­ment & Media

      • Health

      • Biometrics
      • Biotechnology
      • Clinical Trials & Medical Discoveries
      • Dentistry
      • FDA Approval
      • Fitness/Wellness
      • Health Care & Hospitals
      • Health Insurance
      • Infection Control
      • International Medical Approval
      • Medical Equipment
      • Medical Pharmaceuticals
      • Mental Health
      • Pharmaceuticals
      • Supplementary Medicine
      • View All Health

      • Sports

      • General Sports
      • Outdoors, Camping & Hiking
      • Sporting Events
      • Sports Equipment & Accessories
      • View All Sports

      • Travel

      • Amusement Parks & Tourist Attractions
      • Gambling & Casinos
      • Hotels & Resorts
      • Leisure & Tourism
      • Outdoors, Camping & Hiking
      • Passenger Aviation
      • Travel Industry
      • View All Travel

  • Policy & Public Interest
      • Policy & Public Interest

      • Animal Welfare
      • Corporate Social Responsibility
      • Economic News, Trends & Analysis
      • Education
      • Environmental
      • European Government
      • Labour & Union
      • Natural Disasters
      • Not For Profit
      • Public Safety
      • View All Policy & Public Interest

  • People & Culture
      • People & Culture

      • Aboriginal, First Nations & Native American
      • African American
      • Asian American
      • Children
      • Diversity, Equity & Inclusion
      • Hispanic
      • Lesbian, Gay & Bisexual
      • Men's Interest
      • People with Disabilities
      • Religion
      • Senior Citizens
      • Veterans
      • Women
      • View All People & Culture

  • Overview
  • Distribution
  • Paid Placement
  • Multimedia
  • Disclosure Services
  • SocialBoost
  • Rooms
    • MediaRoom
    • ESG Rooms
  • AI Tools
  • General Enquiries
  • Media Enquiries
  • Partnerships
  • Hamburger menu
  • Cision PR Newswire UK provides press release distribution, targeting, monitoring, and marketing services
  • Send a Release
    • Phone

    • +44 (0)20 7454 5110 from 8 AM - 5:30 PM GMT

    • ALL CONTACT INFO
    • Contact Us

      +44 (0)20 7454 5110
      from 8 AM - 5:30 PM GMT

  • Client Login
  • Send a Release
  • Resources
  • Blog
  • Journalists
  • News in Focus
    • Browse News Releases
    • Regulatory News
  • Business & Money
    • Auto & Transportation
    • Business Technology
    • Entertain­ment & Media
    • Financial Services & Investing
    • General Business
  • Science & Tech
    • Consumer Technology
    • Energy & Natural Resources
    • Environ­ment
    • Heavy Industry & Manufacturing
    • Telecomm­unications
  • Lifestyle & Health
    • Consumer Products & Retail
    • Entertain­ment & Media
    • Health
    • Sports
    • Travel
  • Policy & Public Interest
    • Policy & Public Interest
  • People & Culture
    • People & Culture
  • Client Login
  • Send a Release
  • Resources
  • Blog
  • Journalists
  • Overview
  • Distribution
  • Paid Placement
  • Multimedia
  • Disclosure Services
  • Cision Communications Cloud®
  • AI Tools
  • Client Login
  • Send a Release
  • Resources
  • Blog
  • Journalists
  • General Enquiries
  • Media Enquiries
  • Partnerships
  • Client Login
  • Send a Release
  • Resources
  • Blog
  • Journalists

Noname Security's API Security Report Reveals Growing Number of API Security Incidents, a Concerning Lack of API Visibility, And a Level of Misplaced Confidence


News provided by

Noname Security

15 Sep, 2022, 13:00 GMT

Share this article

Share toX

Share this article

Share toX

76% of USA and UK respondents have experienced an API security incident in the last 12 months

SAN JOSE, Calif, Sept. 15, 2022 /PRNewswire/ -- Noname Security, provider of the most complete API security platform, today announced the findings from its API security report, "The API Security Disconnect – API Security Trends in 2022". The report reveals a rapidly growing number of API security incidents, concerning lack of API visibility, and a level of misplaced confidence in existing controls.

Over three quarters (76%) of respondents have suffered an API security incident in the last 12 months, with these incidents primarily caused by Dormant/Zombie APIs, Authorization Vulnerabilities, and Web Application Firewalls.

Furthermore, nearly three quarters (74%) of cybersecurity professionals do not have a full API inventory, or know which APIs return sensitive data.

This implies that the majority of respondents will struggle to remediate against any API security threats – and not know which to prioritize – if they do not have real-time granular visibility into the APIs in their ecosystems. 

Other key findings include:

  •   71% were confident and satisfied that they were receiving sufficient API protection.
  •   Less than half (48%) of respondents have visibility into the security posture of Active APIs.
  •   Only 11% of respondents test APIs for signs of abuse in real-time.

o  39% test less than once per day, and up to once per week

  •   67% of respondents are confident that their DAST and SAST tools are capable of testing APIs.

Shay Levi, Noname Security CTO and co-founder, comments on the findings: "Our research has exposed a disconnect between the high level of incidents, low levels of visibility, effective monitoring and testing of the API environment, and misplaced confidence that current tools are preventing attacks. This emphasizes the need for further education by Security, AppSec, and development teams around the realities of API security testing."

Legacy-based sectors struggle to keep pace with API security testing

Critical infrastructure sectors such as manufacturing and energy & utilities, which typically rely on legacy systems, ranked unfavorably when measured on a number of metrics. They ranked worst on the percentage of API security incidents in the last 12 months, with 79% of manufacturing and 78% of energy & utilities respondents saying they had experienced incidents, of which they were aware.

Energy & utilities companies were also the least likely to have a full inventory of APIs and know which return sensitive data, with just 19% confident about this issue. Manufacturing organizations found it most difficult to scale API security solutions, with just 30% saying they found it easy. Furthermore, real-time testing was at its lowest in energy & utilities (7%), whilst manufacturing, and energy & utilities were most likely to conduct API security testing less frequently than once per month, with 20% and 21% doing this, respectively.

The relative lack of testing in these critical infrastructure sectors correlates with the number of API security incidents they have suffered in the last 12 months. This emphasizes the need for standards to be raised in sectors where personal identifiable information, and intellectual property can potentially be seized by bad actors, let alone where physical infrastructure and vital services are at risk.

UK and USA differ over API visibility and reporting

There were a number of differences towards monitoring and visibility of APIs between the two countries surveyed, especially when it comes to reporting in real-time. More UK respondents (28%) have full API inventories, and know which return sensitive data, compared to the USA (24%).

Furthermore, an increased number of respondents in the USA (44%) had visibility into their full inventory of APIs, but were not aware of those returning sensitive data, compared to 38% in the UK. This could suggest that USA organizations are more concerned with API-driven growth than securing existing APIs.

Disparity in API security approach across job roles

Responses from Application Security (AppSec) teams appear to differ considerably from other job functions surveyed. Compared to 81% of CISOs saying they have experienced an API security incident, only 53% of AppSec professionals said they had. Additionally, 58% of CIOs said it was easy to scale API security solutions, while nearly a third (29%) of AppSec respondents admitted this was difficult.

In terms of testing, only 7% of AppSec professionals tested in real-time for signs of abuse, while 25% stated that they test for API security vulnerabilities less than once a week, and up to once per month.

"The ongoing prioritization of digital transformation initiatives is introducing an increased number of applications – and therefore APIs – into organizations' ecosystems," added Levi. "The perceived gaps around API security testing between different job functions begs the question as to whether there is a lack of consistency across organizations of what is happening on the frontline. This needs to be addressed urgently; application development needs to adopt a 'shift left' approach to security testing, so that testing is undertaken pre-production and teams need to be educated around the benefits of doing this.

"We've seen from the likes of Gartner that APIs are quickly becoming the most popular attack vector. Our research demonstrates that if businesses don't address the security vulnerabilities and widening attack surface presented by an increasing number of APIs, their ability to innovate and offer end-user-friendly solutions will be stifled by potentially debilitating cyber-attacks," concluded Levi.

Noname Security commissioned independent research organization, Opinion Matters, to undertake the survey in July 2022. 600 senior cybersecurity professionals in the UK and USA were surveyed from across a variety of enterprise organizations in six key vertical market sectors: financial services, retail & eCommerce, healthcare, government & public sector, manufacturing, and energy & utilities.

If you are interested in reading the full results from Noname Security's "The API Security Disconnect – API Security Trends in 2022" report, please click here.

About Noname Security

Noname Security is the only company taking a complete, proactive approach to API Security. Noname works with 20% of the Fortune 500 and covers the entire API security scope across three pillars — Posture Management, Runtime Security, and API Security Testing. Noname Security is privately held, remote-first with headquarters in Silicon Valley, California, and offices in Tel Aviv and Amsterdam.

Media Contact
Jim Pople
C8 Consulting for Noname Security
NonameSecurity@c8consulting.co.uk
+44 (0) 7955 030191

Modal title

Contact PR Newswire

  • +44 (0)20 7454 5110
    from 8 AM - 5:30 PM GMT
  • General Enquiries
  • Media Enquiries
  • Partnerships

Products

  • Content Distribution
  • Multimedia Services
  • Disclosure Services
  • Cision Communications Cloud®

About

  • About PR Newswire
  • About Cision
  • Partnering Opportunities
  • Careers
  • APAC
  • APAC - Simplified Chinese
  • APAC - Traditional Chinese
  • Brazil
  • Canada
  • Czech
  • Denmark
  • Finland
  • France
  • Germany
  • India
  • Indonesia
  • Israel
  • Japan
  • Korea
  • Mexico
  • Middle East
  • Middle East - Arabic
  • Netherlands
  • Norway
  • Poland
  • Portugal
  • Russia
  • Slovakia
  • Spain
  • Sweden
  • United States
  • Vietnam

My Services

  • All News Releases
  • Customer Portal
  • Resources
  • Blog
  • Journalists
  • Data Privacy

Do not sell or share my personal information:

  • Submit via Privacy@cision.com 
  • Call Privacy toll-free: 877-297-8921

Contact PR Newswire

Products

About

My Services
  • All News Releases
  • Customer Portal
  • Resources
  • Blog
  • Journalists
+44 (0)20 7454 5110
from 8 AM - 5:30 PM GMT
  • Terms of Use
  • Privacy Policy
  • Information Security Policy
  • Site Map
  • RSS
  • Cookie Settings
Copyright © 2025 PR Newswire Europe Limited. All Rights Reserved. A Cision company.