CrowdStrike Investment Spotlights API Security

  /     /     /  
Publicated : 23/11/2024   Category : security


CrowdStrike Investment Spotlights API Security


The investment in Salt Security underscores the fact that attacks targeting APIs are increasing.



The boom in mobile apps, cloud services, and Web applications have led to a worrying trend: Attackers are increasingly targeting the APIs that underpin them. Enterprises need tools in order to secure these data-rich connectors, and CrowdStrikes announcement that it is investing in Salt Security highlights the critical role API security plays in Web application security.
APIs – application programming interfaces – are ubiquitous in the modern enterprise. Consider the following:
A Web application displaying a map and location data relies on the Google Maps API.
An e-commerce application offering multiple payment options, such as the Pay with PayPal feature, is using an API.
Retailers use APIs to work with couriers and delivery companies to ensure package are picked up and delivered correctly.
Companies may send software via API. Thats what Tesla does.
APIs connect the critical data and services that drive todays digital innovation, said Roey Eliyahu, CEO and co-founder at Salt Security, in a statement.
Developers rely on APIs to connect their applications to multiple data sources and services in order to build new features and products without having to start from scratch. For example, not many organizations have the resources or data to maintain detailed maps, but they dont need to because Google Maps offers the information via an API. However, the fact that APIs have access to sensitive data and systems makes them vulnerable. If the API is somehow abused, that can expose the underlying data and result in a data breach.
A
bug in the Peloton API
allowed anyone to pull users’ private account data directly from Peloton’s servers, even if a users profile was set to private. There was a similar situation involving a financial lending site, where a
leaky Experian API
allowed anyone to look up credit scores of someone else with only a name and mailing address.
Enterprises are producing a massive number of APIs at a rate that far outpaces the maturity of network and application security practices, wrote Gartner analysts Jeremy D’Hoinne and Mark O’Neill in a
recent Gartner Predicts report on API security
. Strong inventory and real-time discovery are both necessary to gain enough visibility into all APIs that the organization produces.
From a financial perspective, CrowdStrikes investment makes sense. The API security market is expected to grow 26.3% between 2022 and 2032, according to
research from Future Market Insights
earlier this month. Gartner estimates that API attacks will soon become the most-frequent attack vector for Web applications.
In addition to the investment, CrowdStrike says it plans to work with Salt Security on security testing to harden APIs and API discovery and runtime protection for applications.

Last News

▸ Security Problem Growing for Dairy Queen, UPS & Retailers, Back off ◂
Discovered: 23/12/2024
Category: security

▸ Veritabile Defecte de Proiectare a Securitatii in Software -> Top 10 Software Security Design Flaws ◂
Discovered: 23/12/2024
Category: security

▸ Sony, XBox Targeted by DDoS Attacks, Hacktivist Threats ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
CrowdStrike Investment Spotlights API Security