Holiday season sees 550% increase in unique threats

Image via Unsplash

API security was analyzed in a recent report by Cequence Security. The report is based on the analysis of API transactions over the second half of 2022.

The report covers tactics, techniques and procedures (TTPs) employed by threat actors targeting consumer-facing, business-to-business (B2B) and machine-to-machine APIs.

Key findings include:

In the second half of 2022 alone, approximately 45 billion search attempts were made for shadow APIs, marking a 900% increase from the 5 billion attempts made in the first half of 2022.
There was a 550% increase in the number of unique TTPs employed by attackers, rising from approximately 2,000 in June to a staggering 11,000 towards the end of 2022.
From June 2022 to October 2022, attackers favored traditional application security tactics; however, as the holidays approached, there was a 220% surge in API security tactics.
Most re-tool attempts in the telecom industry were entirely new TTPs, which shows that threat tactics utilized are diverse, sophisticated and persistent.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.