Business Wire

Traceable Releases 2025 State of API Security Report: API Breaches Persist as Fraud, Bot Attacks, and Generative AI Increase Risks

30.10.2024 14:25:00 EET | Business Wire | Press release

Share

Traceable AI, the industry's leading API security company, today released its second annual research report—the 2025 Global State of API Security. The findings demonstrate that organizations are failing to protect their APIs despite persistent breaches and increased awareness of security risks. This comprehensive study, incorporating insights from over 1,500 IT and cybersecurity experts across the US, UK, and EMEA, reveals fundamental weaknesses in API security strategies and tracks how these issues have shifted since our inaugural report.

Key findings examine the most pressing API security issues organizations face today: increasing bot attacks and fraud, risks from third-party APIs, and the new security implications of generative AI applications.

Download the full report for in-depth analysis.

Key Findings Include:

  1. API-Related Data Breaches Continue to Wreak Havoc: 57% of organizations suffered an API-related data breach in the past two years, with a staggering 73% of these experiencing three or more incidents. Even more concerning, 41% endured five or more breaches, revealing a systemic failure in API defenses and a clear need for investment in purpose-built API security solutions.
  2. Traditional Security Solutions Fail to Deliver API Protection: Despite deploying an array of security tools—from legacy WAFs to CDNs and Gateways—only 19% of organizations rate their defenses as highly effective. Moreover, 53% admit that traditional solutions like WAFs and WAAPs are ineffective at identifying or preventing fraud at the API layer.
  3. Generative AI Applications Create New Risks: 65% of organizations state that generative AI applications pose a serious to extreme risk to APIs. 60% state that the additional API integrations required for generative AI applications expand their organization’s attack surface; the same percentage cite concerns about sensitive data exposure and unauthorized access.
  4. Bot Attacks and Fraud are Rampant: 53% of organizations have experienced one or more bot attacks involving their APIs, and 44% say that bot mitigation is a top challenge. Fraud is equally concerning, emerging as the second most prevalent cause of API-related data breaches among survey respondents.
  5. Third-Party APIs Are a Hidden Danger: Organizations now use an average of 131 third-party APIs, up slightly from last year's 127. Yet, only 16% have a “high ability” to mitigate these external risks, leaving a vast attack surface greatly exposed.

"API breaches are rampant, and the industry is in denial,” said Richard Bird, Chief Security Officer of Traceable. “Organizations keep deploying the same solutions—Web Application Firewalls, API gateways, and lifecycle tools—yet only a small percentage report any real success. This cognitive dissonance is a ticking time bomb. The truth is, these traditional defenses are failing, and the more companies rely on them, the more they expose themselves to devastating attacks. We’re also seeing a surge in bot attacks, increasing instances of API fraud, and new vulnerabilities emerging from the rapid adoption of generative AI applications. Companies must confront the uncomfortable truth: their current strategies are inadequate. Without a fundamental shift in how they secure APIs, breaches and their consequences will continue to escalate.”

Traceable conducts this annual research to provide organizations with an objective assessment of API security risks and trends. By tracking these patterns and emerging threats, we aim to offer security leaders the knowledge needed to make informed decisions and prioritize the most important security challenges. Our commitment is to ensure that as APIs continue to be central to business operations, organizations have the insights they need to protect their critical assets.

Download the full 2025 State of API Security report today.

About Traceable

Traceable’s intelligent and context-aware solution powers complete API security, API discovery and posture management, API security testing, attack detection and threat hunting, and attack protection anywhere your APIs live. Traceable enables organizations to minimize risk and maximize the value that APIs bring their customers. To learn more about how API security can help your business, book a demo with a security expert.

View source version on businesswire.com: https://www.businesswire.com/news/home/20241030645718/en/

Contacts

Ryan Romana
Touchdown PR
traceable@touchdownpr.com

About Business Wire

For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.

www.businesswire.com

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

Dilawer Farazi Returns to Loomis Sayles as Co-Head and Portfolio Manager on the Emerging Markets Debt Team17.11.2025 17:59:00 EET | Press release

Loomis, Sayles & Company is pleased to announce that Dilawer Farazi, ACA, has rejoined the firm as Co-Head and Portfolio Manager of the Emerging Markets Debt (EMD) Team. Dilawer becomes the firm’s first London-based portfolio manager. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251117681347/en/ Dilawer Farazi, ACA, has rejoined Loomis Sayles as Co-Head and Portfolio Manager of the Emerging Markets Debt Team Dilawer brings over two decades of experience in emerging markets credit, having previously served as a Senior Credit Research Analyst at Loomis Sayles from 2018 to 2020. He rejoins the firm from Royal London Asset Management (RLAM), where he led the Emerging Markets Credit team and managed approximately USD $1 billion in assets across EM credit. At RLAM, he launched the firm’s first dedicated emerging markets funds, including an emerging markets corporate bond fund and an emerging markets short duration credit fund. I

Duravant Announces Retirement of CEO Mike Kachmer, Names Jill Evanko Successor17.11.2025 17:13:00 EET | Press release

Duravant LLC (“Duravant”), a global leader in advanced automation solutions, announced today that Mike Kachmer will retire from his role as Chief Executive Officer after a highly successful tenure with the company. Duravant’s Board of Directors has named Jill Evanko as CEO, joining the company on January 5, 2026. To ensure a seamless transition, Mr. Kachmer will continue to serve as Chairman of Duravant. Mr. Kachmer will also continue to serve on the Board of Directors for Northwestern Memorial Healthcare and The London Clinic. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251117036720/en/ Mike Kachmer “It has been a true honor and a humbling experience to lead this incredible company,” said Mr. Kachmer. “I am profoundly grateful to my colleagues within Duravant for their support over the years. Together, we have built an organization with a truly differentiated operating model and culture, one that cultivates collaboration

Morningstar's 2026 Outlook Report Delivers Global and Regional Insights for Durable Portfolios17.11.2025 16:00:00 EET | Press release

Morningstar, Inc. (Nasdaq: MORN), a leading provider of independent investment insights, today published its 2026 Outlook, offering an overview of key challenges and opportunities for the year ahead. In a market defined by uncertainty, this year’s report emphasizes the value of preparation over prediction, equipping investors with strategies to focus on fundamentals and help build resilient portfolios that withstand both booms and busts. Drawing on insights from Equity, Manager, and Behavioral research analysts worldwide, this Outlook distills Morningstar’s thinking on how to navigate opportunity and risk across every major asset class in 2026. "Markets are unpredictable, and the geopolitical and tariff uncertainty of 2025 showed just how quickly forecasts can shift. That’s why Morningstar is redefining the Outlook, focusing on durable portfolios rather than short-term predictions,” said Dan Kemp, chief research and investment officer. “No matter what market conditions the year ahead m

Wolters Kluwer Enablon Control of Work Solution Now Available as Private Offer in AWS Marketplace17.11.2025 16:00:00 EET | Press release

Wolters Kluwer today announced that its Enablon Control of Work solution is now available in AWS Marketplace as a private offer. This purchasing model empowers customers to negotiate and receive tailored pricing, terms, and licensing agreements, while streamlining procurement and leveraging existing Amazon Web Services (AWS) billing workflows to accelerate deployment and optimize cloud budgets. Wolters Kluwer’s Enablon Control of Work solution consolidates permit-to-work, isolation management and risk assessments into an integrated system. Trusted by frontline workers and contractors in high-risk environments including oil & gas, pharmaceuticals, data center and manufacturing industries, the software helps streamline operations, minimize unplanned downtime and prevent serious injuries and fatalities. Richard Pulliam, SVP & General Manager of EHS & ESG for Wolters Kluwer, said: “Making Enablon's Control of Work solution available in AWS Marketplace is another step in our mission to help

World First: Autonomous Racing Leaps Forward in Abu Dhabi as A2RL Season 2 Showcases Record Speed, Bold Overtakes and Real-Time AI Decision-Making17.11.2025 15:50:00 EET | Press release

The Abu Dhabi Autonomous Racing League, A2RL, delivered a defining moment for autonomous technology as six fully driverless racecars pushed the limits of AI performance in a world-first Grand Final at Yas Marina Circuit. In a night marked by record speed, bold overtakes, and split-second AI decision-making, Germany’s TUMcemented its dominance by retaining the championship title, followed by TII Racing (UAE) in second place, and PoliMOVE (Italy) in third. With eleven international teams battling for a $2.25 million prize pool and a Human vs AI showdown featuring former F1 star Daniil Kvyat, the event showcased just how dramatically the race - and the technology behind it - has advanced since Season 1. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251117644875/en/ World First: Autonomous Racing Leaps Forward in Abu Dhabi as A2RL Season 2 Showcases Record Speed, Bold Overtakes and Real-Time AI Decision-Making (Photo: AETOSWire

In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.

Visit our pressroom
World GlobeA line styled icon from Orion Icon Library.HiddenA line styled icon from Orion Icon Library.Eye