API
We've curated 260 cybersecurity statistics about API to help you understand how vulnerabilities in application programming interfaces are being exploited and secured in 2025. Discover the trends and best practices shaping this crucial technology landscape!
Related Topics
Showing 241-260 of 260 results
56% of organisations concerned with over-privileged API access.
Financial services, healthcare, and e-commerce are the most affected sectors by sophisticated bot attacks targeting APIs
Only 11% of AI-powered APIs implemented robust security measures, such as bearer tokens with expiration times.
63% of enterprise leaders believe AI increases API security risk.
98.9% of AI vulnerabilities are API related.
33.5% of the API-related exploits targeted modern APIs, like RESTful and GraphQL.
Newly published API endpoints are discovered by attackers in a mere 29 seconds.
18.9% of API-related exploits involved legacy APIs, including AJAX backends and URL parameter-based systems.
Machine learning-based discovery tools often identify 31% more API endpoints than those reported by enterprises.
AI vulnerabilities increased by 1,025% from 2023 to 2024.
57% of AI-powered APIs were externally accessible.
API-related data breaches tripled in 2024.
89% of AI-powered APIs relied on insecure authentication mechanisms, like static keys.
Wallarm tracked 439 AI-related CVEs in 2024.
Over 50% of exploits in CISA’s Known Exploited Vulnerabilities (KEV) report were API-related in 2024, up from 20% in 2023.
77.4% of API-related vulnerabilities in AI products are directly API-related, such as weak API authentication, inadequate rate limiting, and broken access controls.
21.5% of AI vulnerabilities are indirectly tied to APIs, including flaws in third-party integrations.
Attackers can exfiltrate sensitive data in as little as 6 seconds in API attacks.
There was an average of three API-related breaches per month in 2024, with some months seeing as many as five to seven.
34% of enterprises admit their security controls are lagging behind AI's rapid deployment.