Insights reveal that while APIs account for the
majority of Internet traffic, they remain largely unsecured
Cloudflare, Inc. (NYSE: NET), the leading connectivity cloud
company, today published its inaugural API Security and Management
Report. Findings from this year's report reveal that APIs, a
technology that underpins today’s most used sites and apps, are
being leveraged by businesses more than ever—ultimately opening the
door to more online threats than seen before. The report
underscores the gap between organizations' use of APIs and their
ability to safeguard the data those APIs touch.
APIs power the digital world—our phones, smartwatches, banking
systems and shopping sites all rely on APIs to communicate. They
can help ecommerce sites accept payments, enable healthcare systems
to securely share patient data, and even give taxis and public
transportation access to real-time traffic data. Nearly every
business today now uses them to build and provide better sites,
apps and services to consumers. However, if unmanaged or unsecured,
APIs present a goldmine for threat actors to exfiltrate potentially
sensitive information.
"APIs are central to how applications and websites work, which
makes them a rich, and relatively new, target for hackers," said
Matthew Prince, CEO and co-founder at Cloudflare. "It's vital that
companies identify and protect all their APIs to prevent data
breaches and secure their businesses."
Key findings from Cloudflare’s 2024 API Security and Management
Report include:
- Even unlikely industries see high spikes of API traffic:
The seamless integrations that APIs allow for have driven
organizations across industries to increasingly leverage them –
some more quickly than others. The IoT, rail, bus and taxi, legal
services, multimedia and games, and logistics and supply chain
industries saw the highest share of API traffic in 2023.
- API traffic accounts for the majority of Internet
traffic: APIs dominate dynamic Internet traffic around the
globe (57%), with each region that Cloudflare protects seeing an
increase in usage over the past year. However, the top regions that
explosively adopted APIs and witnessed the highest traffic share in
2023 were Africa and Asia.
- APIs face an array of frequent and increasing threats:
As with any popular business critical function that houses
sensitive data, threat actors attempt to exploit any means
necessary to gain access. The rise in popularity of APIs has also
caused a rise in attack volume, with HTTP Anomaly, Injection
attacks and file inclusion being the top three most commonly used
attack types mitigated by Cloudflare.
- Shadow APIs provide a defenseless path for threat
actors: Organizations struggle to protect what they cannot see.
Nearly 31% more API REST endpoints (when an API connects with the
software program) were discovered through machine learning versus
customer-provided identifiers – e.g., organizations lack a full
inventory of their APIs.
- DDoS mitigation solutions are one of the most effective
tools to protect APIs: Regardless if an organization has full
visibility of all their APIs, DDoS mitigation solutions can help
block potential threats. One-third (33%) of all mitigations applied
to API threats were blocked by DDoS protections already in
place.
“APIs are powerful tools for developers to create full-featured,
complex applications to serve their customers, partners, and
employees, but each API is a potential attack surface that needs to
be secured,” said Melinda Marks, Practice Director, Cybersecurity,
for Enterprise Strategy Group. “As this new report shows,
organizations need more effective ways to address API security,
including better visibility of APIs, ways to ensure secure
authentication and authorization between connections, and better
ways to protect their applications from attacks.”
Report Methodology: The findings in this report,
including the statistics included above, are based on traffic
patterns observed by Cloudflare’s global network (including
Cloudflare’s web application firewall, DDoS protection, bot
management, and API gateway services) between Oct. 1, 2022 and Aug.
31, 2023. For the quarter ended September 30, 2023, Cloudflare
served over 50 million HTTP requests per second on average, and
blocked an average of 170 billion cyber threats each day.
To learn more, please check out the resources below:
- 2024 API Security and Management Report
- Blog: Introducing Cloudflare’s 2024 API Security and Management
Report
- Cloudflare API Security
- What is API Security?
About Cloudflare
Cloudflare, Inc. (NYSE: NET) is the leading connectivity cloud
company. It empowers organizations to make their employees,
applications and networks faster and more secure everywhere, while
reducing complexity and cost. Cloudflare’s connectivity cloud
delivers the most full-featured, unified platform of cloud-native
products and developer tools, so any organization can gain the
control they need to work, develop, and accelerate their
business.
Powered by one of the world’s largest and most interconnected
networks, Cloudflare blocks billions of threats online for its
customers every day. It is trusted by millions of organizations –
from the largest brands to entrepreneurs and small businesses to
nonprofits, humanitarian groups, and governments across the
globe.
Learn more about Cloudflare’s connectivity cloud at
cloudflare.com/connectivity-cloud. Learn more about the latest
Internet trends and insights at https://radar.cloudflare.com.
Follow us: Blog | X | LinkedIn | Facebook | Instagram
Forward-Looking Statements
This press release contains forward-looking statements within
the meaning of Section 27A of the Securities Act of 1933, as
amended, and Section 21E of the Securities Exchange Act of 1934, as
amended, which statements involve substantial risks and
uncertainties. In some cases, you can identify forward-looking
statements because they contain words such as “may,” “will,”
“should,” “expect,” “explore,” “plan,” “anticipate,” “could,”
“intend,” “target,” “project,” “contemplate,” “believe,”
“estimate,” “predict,” “potential,” or “continue,” or the negative
of these words, or other similar terms or expressions that concern
Cloudflare’s expectations, strategy, plans, or intentions. However,
not all forward-looking statements contain these identifying words.
Forward-looking statements expressed or implied in this press
release include, but are not limited to, statements regarding
Cloudflare’s products and technology, Cloudflare’s technological
development, future operations, growth, initiatives, or strategies,
future market trends, and comments made by Cloudflare’s CEO. Actual
results could differ materially from those stated or implied in
forward-looking statements due to a number of factors, including
but not limited to, risks detailed in Cloudflare’s filings with the
Securities and Exchange Commission (SEC), including Cloudflare’s
Quarterly Report on Form 10-Q filed on November 2, 2023, as well as
other filings that Cloudflare may make from time to time with the
SEC.
The forward-looking statements made in this press release relate
only to events as of the date on which the statements are made.
Cloudflare undertakes no obligation to update any forward-looking
statements made in this press release to reflect events or
circumstances after the date of this press release or to reflect
new information or the occurrence of unanticipated events, except
as required by law. Cloudflare may not actually achieve the plans,
intentions, or expectations disclosed in Cloudflare’s
forward-looking statements, and you should not place undue reliance
on Cloudflare’s forward-looking statements.
© 2024 Cloudflare, Inc. All rights reserved. Cloudflare, the
Cloudflare logo, and other Cloudflare marks are trademarks and/or
registered trademarks of Cloudflare, Inc. in the U.S. and other
jurisdictions. All other marks and names referenced herein may be
trademarks of their respective owners.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20240109533109/en/
Cloudflare, Inc. Daniella Vallurupalli Vice President, Head of
Global Communications press@cloudflare.com
Cloudflare (NYSE:NET)
過去 株価チャート
から 6 2024 まで 7 2024
Cloudflare (NYSE:NET)
過去 株価チャート
から 7 2023 まで 7 2024