Business Wire

Traceable Releases 2025 State of API Security Report: API Breaches Persist as Fraud, Bot Attacks, and Generative AI Increase Risks

30.10.2024 14:25:00 EET | Business Wire | Press release

Share

Traceable AI, the industry's leading API security company, today released its second annual research report—the 2025 Global State of API Security. The findings demonstrate that organizations are failing to protect their APIs despite persistent breaches and increased awareness of security risks. This comprehensive study, incorporating insights from over 1,500 IT and cybersecurity experts across the US, UK, and EMEA, reveals fundamental weaknesses in API security strategies and tracks how these issues have shifted since our inaugural report.

Key findings examine the most pressing API security issues organizations face today: increasing bot attacks and fraud, risks from third-party APIs, and the new security implications of generative AI applications.

Download the full report for in-depth analysis.

Key Findings Include:

  1. API-Related Data Breaches Continue to Wreak Havoc: 57% of organizations suffered an API-related data breach in the past two years, with a staggering 73% of these experiencing three or more incidents. Even more concerning, 41% endured five or more breaches, revealing a systemic failure in API defenses and a clear need for investment in purpose-built API security solutions.
  2. Traditional Security Solutions Fail to Deliver API Protection: Despite deploying an array of security tools—from legacy WAFs to CDNs and Gateways—only 19% of organizations rate their defenses as highly effective. Moreover, 53% admit that traditional solutions like WAFs and WAAPs are ineffective at identifying or preventing fraud at the API layer.
  3. Generative AI Applications Create New Risks: 65% of organizations state that generative AI applications pose a serious to extreme risk to APIs. 60% state that the additional API integrations required for generative AI applications expand their organization’s attack surface; the same percentage cite concerns about sensitive data exposure and unauthorized access.
  4. Bot Attacks and Fraud are Rampant: 53% of organizations have experienced one or more bot attacks involving their APIs, and 44% say that bot mitigation is a top challenge. Fraud is equally concerning, emerging as the second most prevalent cause of API-related data breaches among survey respondents.
  5. Third-Party APIs Are a Hidden Danger: Organizations now use an average of 131 third-party APIs, up slightly from last year's 127. Yet, only 16% have a “high ability” to mitigate these external risks, leaving a vast attack surface greatly exposed.

"API breaches are rampant, and the industry is in denial,” said Richard Bird, Chief Security Officer of Traceable. “Organizations keep deploying the same solutions—Web Application Firewalls, API gateways, and lifecycle tools—yet only a small percentage report any real success. This cognitive dissonance is a ticking time bomb. The truth is, these traditional defenses are failing, and the more companies rely on them, the more they expose themselves to devastating attacks. We’re also seeing a surge in bot attacks, increasing instances of API fraud, and new vulnerabilities emerging from the rapid adoption of generative AI applications. Companies must confront the uncomfortable truth: their current strategies are inadequate. Without a fundamental shift in how they secure APIs, breaches and their consequences will continue to escalate.”

Traceable conducts this annual research to provide organizations with an objective assessment of API security risks and trends. By tracking these patterns and emerging threats, we aim to offer security leaders the knowledge needed to make informed decisions and prioritize the most important security challenges. Our commitment is to ensure that as APIs continue to be central to business operations, organizations have the insights they need to protect their critical assets.

Download the full 2025 State of API Security report today.

About Traceable

Traceable’s intelligent and context-aware solution powers complete API security, API discovery and posture management, API security testing, attack detection and threat hunting, and attack protection anywhere your APIs live. Traceable enables organizations to minimize risk and maximize the value that APIs bring their customers. To learn more about how API security can help your business, book a demo with a security expert.

View source version on businesswire.com: https://www.businesswire.com/news/home/20241030645718/en/

Contacts

Ryan Romana
Touchdown PR
traceable@touchdownpr.com

About Business Wire

For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.

www.businesswire.com

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

Energy Vault and Crusoe Announce Strategic Framework Agreement for Deployment of Crusoe Spark Modular AI Factory Units to Deliver Crusoe Cloud11.2.2026 15:30:00 EET | Press release

Energy Vault Holdings, Inc. (NYSE: NRGV) (“Energy Vault”), a global leader in grid-scale energy storage solution infrastructure, and Crusoe, the industry’s first vertically-integrated AI infrastructure provider, today announced a strategic framework agreement for the phased deployment of Crusoe Spark modular data centers at Energy Vault’s technology center in Snyder, Texas. The initial program is scalable up to 25 megawatts (MW) of total load to be operated inside Crusoe’s proprietary Spark modular AI factory product. The companies plan to begin deployments in 2026, enabling Crusoe Cloud to expand available computing capacity, including its new Managed Inference services, to meet customer demand. The initiative represents a significant expansion of Crusoe’s Spark program, a demonstration of rapidly deployable modular AI inference capacity, and a continuation of Crusoe’s commitment to innovative energy-first AI infrastructure development. This press release features multimedia. View the

Corpay Cross-Border Extends Exclusive Partnership with LIV Golf11.2.2026 15:30:00 EET | Press release

Corpay, Inc.* (NYSE: CPAY), a global leader in corporate payments, today announced that its Cross-Border business has entered into a multi-year agreement to extend its successful and exclusive collaboration with LIV Golf, as its Official Corporate Foreign Exchange (FX) Provider. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260211636852/en/ Since 2024, Corpay Cross-Border has delivered a range of corporate foreign exchange payment solutions to LIV Golf. With this multi-year extension, the League will continue to benefit from Corpay’s comprehensive currency risk management solutions and award-winning global payments platform. “Over the past two seasons, we’ve had the privilege of being the Official Corporate FX Provider for LIV Golf,” said Brad Loder, Chief Marketing Officer, Corpay Cross-Border Solutions. “We take great pride in the trust that the League’s Finance and Partnership teams have placed in us, and we are thrilled

Calvin McDonald Joins The Wella Company as CEO11.2.2026 15:30:00 EET | Press release

The Wella Company, an innovative global beauty leader, today announced that Calvin McDonald has been chosen as the company’s next Chief Executive Officer, effective April 2, 2026. Calvin will also be appointed to the company’s Board of Directors and will be based in New York. Glenn Murphy will remain as Executive Chair to provide continuity as well as strategic advice to the new CEO and the leadership team. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260210093439/en/ Calvin McDonald “We are delighted to welcome Calvin to The Wella Company,” said Glenn Murphy, Executive Chair. “As a three-time CEO, he brings decades of experience at industry-leading global consumer brands and retail businesses. Calvin’s proven ability to drive results through product differentiation, category expansion, and smart investments will help us win in the dynamic beauty sector.” Under KKR’s ownership, The Wella Company has been transformed into a

INNIO Secures Additional Major Order from VoltaGrid: 1.5 GW for Behind-the-Meter Power Generation11.2.2026 15:00:00 EET | Press release

INNIO Group today announced a major order from VoltaGrid for 1.5 gigawatts (GW), reinforcing the companies’ collaboration in behind‑the‑meter (on-site) power generation for AI and high‑performance computing infrastructure. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260211822384/en/ INNIO's Jenbacher J624 gas engine Under the agreement, INNIO expects to supply a total of 300 Jenbacher gas engines from its Type J624 and Type J620 series. The J624 series is integrated into VoltaGrid’s proprietary QPac™ platform. The engines are packaged into 25 MW units, enabling rapid, scalable deployment for data center customers across the United States. Delivery is scheduled by 2028. “This landmark order underscores the strength of INNIO’s technology and our commitment to power the growth of AI,” said Dr. Olaf Berlien, President and CEO of INNIO Group. “We are proud to deepen our collaboration with VoltaGrid as we help shape the evoluti

WeFi Technology Group Adds Rising PGA TOUR Star To Roster Of Partnerships11.2.2026 15:00:00 EET | Press release

WeFi Technology Group, a global provider of technology-enabled working capital solutions, today announced the addition of 23-year-old PGA Tour player Michael Brennan to the company’s roster of young rising stars. Michael Brennan, joins 21-year-old PGA Rookie Of The Year, Aldrich Potgieter, as the most exciting young talents on the PGA TOUR and as players regarded as golf’s next generation of global stars. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260211123788/en/ PGA Tour player Michael Brennan. Brennan’s meteoric rise has been remarkable exemplifying his world-class talent. Across 16 starts on the PGA TOUR America’s in 2025, Brennan delivered a standout season compiling three wins. His exceptional year culminated with a win on the PGA TOUR at the Bank of Utah Championship capping an extraordinary season by rising from a world ranking of 709 at the start of the year to world no. 34 by the end of 2025. “I’m honored to jo

In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.

Visit our pressroom
World GlobeA line styled icon from Orion Icon Library.HiddenA line styled icon from Orion Icon Library.Eye