Business Wire

Traceable Releases 2025 State of API Security Report: API Breaches Persist as Fraud, Bot Attacks, and Generative AI Increase Risks

30.10.2024 14:25:00 EET | Business Wire | Press release

Share

Traceable AI, the industry's leading API security company, today released its second annual research report—the 2025 Global State of API Security. The findings demonstrate that organizations are failing to protect their APIs despite persistent breaches and increased awareness of security risks. This comprehensive study, incorporating insights from over 1,500 IT and cybersecurity experts across the US, UK, and EMEA, reveals fundamental weaknesses in API security strategies and tracks how these issues have shifted since our inaugural report.

Key findings examine the most pressing API security issues organizations face today: increasing bot attacks and fraud, risks from third-party APIs, and the new security implications of generative AI applications.

Download the full report for in-depth analysis.

Key Findings Include:

  1. API-Related Data Breaches Continue to Wreak Havoc: 57% of organizations suffered an API-related data breach in the past two years, with a staggering 73% of these experiencing three or more incidents. Even more concerning, 41% endured five or more breaches, revealing a systemic failure in API defenses and a clear need for investment in purpose-built API security solutions.
  2. Traditional Security Solutions Fail to Deliver API Protection: Despite deploying an array of security tools—from legacy WAFs to CDNs and Gateways—only 19% of organizations rate their defenses as highly effective. Moreover, 53% admit that traditional solutions like WAFs and WAAPs are ineffective at identifying or preventing fraud at the API layer.
  3. Generative AI Applications Create New Risks: 65% of organizations state that generative AI applications pose a serious to extreme risk to APIs. 60% state that the additional API integrations required for generative AI applications expand their organization’s attack surface; the same percentage cite concerns about sensitive data exposure and unauthorized access.
  4. Bot Attacks and Fraud are Rampant: 53% of organizations have experienced one or more bot attacks involving their APIs, and 44% say that bot mitigation is a top challenge. Fraud is equally concerning, emerging as the second most prevalent cause of API-related data breaches among survey respondents.
  5. Third-Party APIs Are a Hidden Danger: Organizations now use an average of 131 third-party APIs, up slightly from last year's 127. Yet, only 16% have a “high ability” to mitigate these external risks, leaving a vast attack surface greatly exposed.

"API breaches are rampant, and the industry is in denial,” said Richard Bird, Chief Security Officer of Traceable. “Organizations keep deploying the same solutions—Web Application Firewalls, API gateways, and lifecycle tools—yet only a small percentage report any real success. This cognitive dissonance is a ticking time bomb. The truth is, these traditional defenses are failing, and the more companies rely on them, the more they expose themselves to devastating attacks. We’re also seeing a surge in bot attacks, increasing instances of API fraud, and new vulnerabilities emerging from the rapid adoption of generative AI applications. Companies must confront the uncomfortable truth: their current strategies are inadequate. Without a fundamental shift in how they secure APIs, breaches and their consequences will continue to escalate.”

Traceable conducts this annual research to provide organizations with an objective assessment of API security risks and trends. By tracking these patterns and emerging threats, we aim to offer security leaders the knowledge needed to make informed decisions and prioritize the most important security challenges. Our commitment is to ensure that as APIs continue to be central to business operations, organizations have the insights they need to protect their critical assets.

Download the full 2025 State of API Security report today.

About Traceable

Traceable’s intelligent and context-aware solution powers complete API security, API discovery and posture management, API security testing, attack detection and threat hunting, and attack protection anywhere your APIs live. Traceable enables organizations to minimize risk and maximize the value that APIs bring their customers. To learn more about how API security can help your business, book a demo with a security expert.

View source version on businesswire.com: https://www.businesswire.com/news/home/20241030645718/en/

Contacts

Ryan Romana
Touchdown PR
traceable@touchdownpr.com

About Business Wire

For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.

www.businesswire.com

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

Hanshow and the University of Cambridge Launch Joint Research on Augmented Intelligent Hybrid Wireless Technology25.12.2025 13:34:00 EET | Press release

Hanshow, a global leader in electronic shelf labels (ESL) and digital store solutions, has entered into a multi-year research collaboration with the University of Cambridge, one of the world’s most prestigious academic institutions. The partnership will focus on joint research and innovation in next-generation intelligent hybrid wireless technologies, marking an important milestone in Hanshow’s continued investment in core technologies and long-term innovation. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251225988816/en/ This collaboration leverages the University of Cambridge’s deep expertise in fundamental wireless technology research, alongside Hanshow’s extensive industry experience, to further strengthen multi-protocol integration capabilities and expand scalable applications across diverse retail scenarios. Guided by shared principles of innovation, collaboration, openness, and knowledge sharing, the two parties aim

Social Development Bank Highlights Strategic Partnerships and Global Initiatives at DeveGo 202524.12.2025 18:27:00 EET | Press release

The Social Development Bank (SDB) hosted the second edition of the Entrepreneurship and Modern Business Practices Forum, “DeveGo 2025”, from 21 to 23 December in Riyadh. Held under the patronage of His Excellency Eng. Ahmed bin Sulaiman Al Rajhi, Minister of Human Resources and Social Development and Chairman of SDB’s Board of Directors, the forum brings together government leaders, global experts, investors, and entrepreneurs to shape the future of entrepreneurship and modern business practices in the Kingdom of Saudi Arabia. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251224036724/en/ From right to left: Ahmed Al Rajhi, Saudi's Minister of Human Resources and Social Development, H.E. Rebeca Grynspan, Secretary-General of UNCTAD, and Sultan Al Hamidi, CEO of Social Development (Photo: AETOSWire) Opening the forum, Minister Al Rajhi delivered a keynote speech on the growing vibrancy of Saudi Arabia’s entrepreneurial movem

Making Science Unveils ‘AWAKE’: The AI Venture Studio Industrialising Startup Creation and AI-First Innovative Solutions23.12.2025 21:51:00 EET | Press release

Making Science, the global digital acceleration consultancy, today announced the launch of AWAKE Venture Studio. This "AI-first" model represents a new era in systematic innovation, designed to identify, prototype, and scale both internal proprietary solutions and independent AI-native startups with global reach. The launch of AWAKE is motivated by the significant efficiency gains of orders of magnitude that Making Science has already achieved through the internal integration of AI. By applying these methods, the firm has achieved a 2x acceleration in tech feature development reducing time in the deployment of AI Agents. This model has already proven its commercial and innovative power through the acceleration of startups like ad-machina, which has multiplied its value by 10 since joining the Making Science ecosystem. These proven benchmarks serve as the technical foundation for AWAKE’s two interconnected engines, which formalise this efficiency into a repeatable manufacturing process

FDA Clears First Extended Depth of Focus Contact Lens for Presbyopia23.12.2025 19:07:00 EET | Press release

The Cataltheia Group and its U.S. subsidiary, Bruno Vision Care LLC, a leader in eye health innovation, today announced that the U.S. Food and Drug Administration (FDA) has cleared the first and only Daily Disposable Soft (Hydrophilic) Contact Lens for Presbyopia utilizing patented Extended Depth of Focus (EDOF) optical design technology, enabling commercial distribution in the United States. Deseyne® delivers smooth, continuous focus across near, intermediate, and distance vision, providing clear, natural vision without compromise. This performance is enabled by Cataltheia’s patented hyper-refractive central zone, engineered to precisely redirect light in a controlled manner. The result is a clear clinical advantage over the only other available contact lens option for presbyopia, multifocal lenses, which rely on multiple optical zones and often require prolonged visual and cognitive adaptation. “We are proud to offer the first contact lens solution for the world’s aging population th

Aramco Awards SLB Long-Term Contract to Support Kingdom’s Unconventional Gas Production Growth23.12.2025 15:58:00 EET | Press release

Global technology company SLB (NYSE: SLB) has been awarded a five-year contract by Aramco to provide stimulation services for its unconventional gas fields. This award is part of a broader multi-billion contract, supporting one of the largest unconventional gas development programs globally. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251223074948/en/ The contract encompasses advanced stimulation, well intervention, frac automation, and digital solutions, which are important to unlocking the potential of Saudi Arabia’s unconventional gas resources. The contract encompasses advanced stimulation, well intervention, frac automation, and digital solutions, which are important to unlocking the potential of Saudi Arabia’s unconventional gas resources — a cornerstone of the Kingdom’s strategy to diversify its energy portfolio and support the global energy transition. “This agreement is an important step forward in Aramco’s effor

In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.

Visit our pressroom
World GlobeA line styled icon from Orion Icon Library.HiddenA line styled icon from Orion Icon Library.Eye