50% of orgs report experiencing data breaches due to exposed API secrets
source link: https://venturebeat.com/security/data-breaches-api/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
50% of orgs report experiencing data breaches due to exposed API secrets
Check out all the on-demand sessions from the Intelligent Security Summit here.
API vulnerabilities are a serious issue that can’t be overlooked. Just one API vulnerability led to the breach of 5.4 million Twitter users’ data, and cybercriminals are well aware that all they need to gain access to an organization’s personally identifiable information (PII) is to harvest the right secrets.
In fact, new research released today by API security vendor Corsha Inc. — a survey of more than 400 security and engineering professionals — found that 53% have experienced a data breach to networks or apps due to compromised API tokens.
The report also found that organizations are struggling to manage API secrets, with 86% spending up to 15 hours a week provisioning, managing and dealing with secrets.
This highlights the fact that organizations are in need of a more scalable approach to managing API secrets if they want to continue to operate in hybrid cloud environments while minimizing the risk of intrusions from threat actors.
Event
Intelligent Security Summit On-Demand
Learn the critical role of AI & ML in cybersecurity and industry specific case studies. Watch on-demand sessions today.
Secrets management in the age of API explosion
Widespread API exploitation is coming amid an explosion in APIs, with 51% of developers and API professionals reporting that more than half of their development effort is spent on APIs. This is up from 40% in 2020 and 49% in 2021.
Each one of these entities has secrets that need to be secured — otherwise a skilled hacker can harvest them and gain access to the data processed by an API.
“The explosion of APIs over the last few years, the increase in automated pipelines, microservices and movement to cloud brings along the explosion of secrets needed to secure communication across these APIs,” said Anusher Iyer, Corsha CEO.
Secrets management provides an answer to this explosion by automating the provisioning, managing and rotation of secrets so that organizations don’t have to manually circulate disparate keys, tokens and certificates.
“Secrets management is vital to the security of who and what is accessing your APIs,” said Iyer. “For many organizations, it’s the best way to safeguard their secrets in a secure, automated fashion, while also maintaining the hygiene needed to minimize any risk that might be associated with leaked and compromised credentials.”
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.
Recommend
-
4
Friday, 15 January 2021 10:40 Billions of records exposed by security breaches in 2020, says Tenable By Peter Dinham...
-
4
Description SQL Server object disks on Windows Server can be expanded at any time with no issues, but Linux doesn't quite work like that by default. In a situation where you run out of space, you're out of luc...
-
1
Report: Nearly two-thirds of orgs lack basic API security
-
4
Report: 74% of orgs struggle to achieve true observability Digital generated image of global data visualisation.Image Credit: Getty Images
-
1
Report: 80% of execs say their orgs’ tech needs not met Image Credit: Getty Images According to CXOs surveyed by
-
3
Report: 79% of orgs report legacy apps hinder digital transformation Image Credit: metamorworks // Getty Join today's leading ex...
-
2
Report: 54% of orgs with advanced data analytics have increased their revenue Image Credit: Getty Images Join today's leading exe...
-
7
Report: 70% of orgs are spending $1M or more on AI Image Credit: metamorworks // Getty Images Join today's leading executives onl...
-
1
Report: Hacking is the top cause of data breaches
-
4
Report: 69% of orgs report multicloud security configurations led to data breaches or exposures
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK