Business Wire

Traceable Releases 2025 State of API Security Report: API Breaches Persist as Fraud, Bot Attacks, and Generative AI Increase Risks

30.10.2024 14:25:00 EET | Business Wire | Press release

Share

Traceable AI, the industry's leading API security company, today released its second annual research report—the 2025 Global State of API Security. The findings demonstrate that organizations are failing to protect their APIs despite persistent breaches and increased awareness of security risks. This comprehensive study, incorporating insights from over 1,500 IT and cybersecurity experts across the US, UK, and EMEA, reveals fundamental weaknesses in API security strategies and tracks how these issues have shifted since our inaugural report.

Key findings examine the most pressing API security issues organizations face today: increasing bot attacks and fraud, risks from third-party APIs, and the new security implications of generative AI applications.

Download the full report for in-depth analysis.

Key Findings Include:

  1. API-Related Data Breaches Continue to Wreak Havoc: 57% of organizations suffered an API-related data breach in the past two years, with a staggering 73% of these experiencing three or more incidents. Even more concerning, 41% endured five or more breaches, revealing a systemic failure in API defenses and a clear need for investment in purpose-built API security solutions.
  2. Traditional Security Solutions Fail to Deliver API Protection: Despite deploying an array of security tools—from legacy WAFs to CDNs and Gateways—only 19% of organizations rate their defenses as highly effective. Moreover, 53% admit that traditional solutions like WAFs and WAAPs are ineffective at identifying or preventing fraud at the API layer.
  3. Generative AI Applications Create New Risks: 65% of organizations state that generative AI applications pose a serious to extreme risk to APIs. 60% state that the additional API integrations required for generative AI applications expand their organization’s attack surface; the same percentage cite concerns about sensitive data exposure and unauthorized access.
  4. Bot Attacks and Fraud are Rampant: 53% of organizations have experienced one or more bot attacks involving their APIs, and 44% say that bot mitigation is a top challenge. Fraud is equally concerning, emerging as the second most prevalent cause of API-related data breaches among survey respondents.
  5. Third-Party APIs Are a Hidden Danger: Organizations now use an average of 131 third-party APIs, up slightly from last year's 127. Yet, only 16% have a “high ability” to mitigate these external risks, leaving a vast attack surface greatly exposed.

"API breaches are rampant, and the industry is in denial,” said Richard Bird, Chief Security Officer of Traceable. “Organizations keep deploying the same solutions—Web Application Firewalls, API gateways, and lifecycle tools—yet only a small percentage report any real success. This cognitive dissonance is a ticking time bomb. The truth is, these traditional defenses are failing, and the more companies rely on them, the more they expose themselves to devastating attacks. We’re also seeing a surge in bot attacks, increasing instances of API fraud, and new vulnerabilities emerging from the rapid adoption of generative AI applications. Companies must confront the uncomfortable truth: their current strategies are inadequate. Without a fundamental shift in how they secure APIs, breaches and their consequences will continue to escalate.”

Traceable conducts this annual research to provide organizations with an objective assessment of API security risks and trends. By tracking these patterns and emerging threats, we aim to offer security leaders the knowledge needed to make informed decisions and prioritize the most important security challenges. Our commitment is to ensure that as APIs continue to be central to business operations, organizations have the insights they need to protect their critical assets.

Download the full 2025 State of API Security report today.

About Traceable

Traceable’s intelligent and context-aware solution powers complete API security, API discovery and posture management, API security testing, attack detection and threat hunting, and attack protection anywhere your APIs live. Traceable enables organizations to minimize risk and maximize the value that APIs bring their customers. To learn more about how API security can help your business, book a demo with a security expert.

View source version on businesswire.com: https://www.businesswire.com/news/home/20241030645718/en/

Contacts

Ryan Romana
Touchdown PR
traceable@touchdownpr.com

About Business Wire

For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.

www.businesswire.com

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

Incyte Announces FDA Approval of Jakafi XR™ (ruxolitinib) Extended-Release Tablets for the Treatment of Myelofibrosis, Polycythemia Vera and Graft-Versus-Host Disease2.5.2026 00:28:00 EEST | Press release

Incyte (Nasdaq:INCY) today announced that the U.S. Food and Drug Administration (FDA) has approved Jakafi XR™ (ruxolitinib) extended-release tablets for the treatment of adults with intermediate- or high-risk myelofibrosis (MF); adults with polycythemia vera (PV) who have had an inadequate response to or are intolerant of hydroxyurea; as well as adults and children aged 12 years and older with steroid-refractory acute graft-versus-host disease (GVHD) or chronic GVHD after failure of one or two lines of systemic therapy. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260501334677/en/ “The approval of Jakafi XR reinforces Incyte’s leadership in hematology and our focus on meeting the evolving needs of patients with myeloproliferative neoplasms (MPNs) and GVHD,” said Bill Meury, Chief Executive Officer, Incyte. “Jakafi XR offers appropriate patients and physicians a once-daily option, expanding choice without changing the well-

Barilla Hosts Surprise Formula 1® Family Reunion Dinner During Miami Race Weekend1.5.2026 19:08:00 EEST | Press release

A special invitation, a table, and a plate of pasta shared by people who are often apart. That’s all it took for Barilla to bring the spirit of togetherness to Miami during the opening day of the FORMULA 1® CRYPTO.COM MIAMI GRAND PRIX 2026. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260430832316/en/ Barilla hosts Arvid Lindblad, Mikaela Shiffrin, and Nico Rosberg with Chef Massimo Bottura at Torno Subito, where the Formula 1® community came together for a surprise dinner. Barilla, the Official Pasta Partner of Formula 1®, welcomed team members and their families to Torno Subito Miami, the restaurant by three-Michelin-starred Chef Massimo Bottura, with the kitchen led by Chef Bernardo Paladini, for an evening where engines were switched off and everyday life took center stage. The night also celebrated the start of the new partnership between Barilla and the Visa Cash App Racing Bulls (VCARB) Formula 1® Team, a meeting of

TIME Names Xenco Medical one of the TIME100 Most Influential Companies in the World and the Winner of the 2026 TIME100 Impact Award in Health1.5.2026 13:07:00 EEST | Press release

Time Magazine has named pioneering medical technology company Xenco Medical as one of the TIME100 Most Influential Companies in the World and the Winner of the 2026 TIME100 Impact Award in Health. Widely regarded as the most prestigious recognition in business and technology, being selected to the TIME100 List remains the most coveted accolade that a company can achieve globally. The TIME100 Impact Awards are given to only 5 recipients each year, making it the rarest of honors that a company can receive and a profound recognition of transformative, global impact. Xenco Medical was honored by Time as the sole recipient of the TIME100 Impact Award in Health in 2026, signifying its leading, global distinction in impact on healthcare. According to Time Magazine, the TIME100 Most Influential Companies list highlights “companies making an extraordinary impact around the world.” The honor bestowed by Time comes after Xenco Medical was named the 2025 Medical Device/ Diagnostics Company of the

Inspirit Capital Completes Acquisition of Kaplan Languages Group1.5.2026 02:17:00 EEST | Press release

Inspirit Capital, a specialist investor in corporate carve-outs, and Kaplan, the global education company, have announced the completion of Inspirit’s acquisition of Kaplan Languages Group (KLG) from Kaplan. Financial terms are not being disclosed. KLG, a leading global language education platform, comprises Kaplan International Languages, Alpadia Language Schools, Azurlingua, and ESL Education. Inspirit Capital will support KLG in delivering on its ambitious growth plans, whilst continuing its fundamental mission to transform lives through language education. The next phase of ownership will see the development and launch of a refreshed standalone brand identity for KLG, with further announcements to follow on this in due course. KLG will continue to use the Kaplan name under a transitional license from Kaplan, Inc. until a new brand is announced. About Kaplan Languages Group Since 2006, KLG has provided the highest quality language education and cultural immersion experiences. Kaplan

Grindr Nominates Three New Directors to Its Board of Directors1.5.2026 00:16:00 EEST | Press release

Grindr Inc. (NYSE: GRND), the Global Gayborhood in Your Pocket™, today announced the nomination of Rob Solomon, Lisa Gersh, and Fadi Hanna to stand for election to its Board of Directors at the Annual Meeting of Shareholders on June 2, 2026. Rob Solomon is a deeply seasoned technology CEO and operator in consumer internet and marketplaces. He has held CEO and COO roles at scaled platforms including GoFundMe, Groupon, and Kayak-predecessor SideStep, and is currently CEO of leading electric aviation company H55. Lisa Gersh is a CEO and long-tenured public company director with deep experience across consumer brands, media, and commerce. She has served on the Hasbro (NASDAQ: HAS) board since 2010 and has led businesses including Oxygen Media, GOOP, and Alexander Wang. Fadi Hanna is Chief Risk Officer at Bloomberg L.P., overseeing enterprise risk across the organization. He previously worked at J.P. Morgan and has served on the board of Immigration Equality. “Over the last few years, we bu

In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.

Visit our pressroom
World GlobeA line styled icon from Orion Icon Library.HiddenA line styled icon from Orion Icon Library.Eye