
Introducing the Wallarm Q1 2024 API ThreatStats™ Report

As we have in previous editions of the ThreatStats report, we highlight the industry’s top API-related attacks and trends. New to this version, however, is a detailed analysis of API attacks targeting AI-based applications, representing a new and rapidly expanding threat vector. And while we encourage you to download the full report, here are some key observations about what you’ll find within.

API threats to AI applications are clearly on the rise
In Q1, we saw three highly concerning, potentially damaging exploits targeting APIs used by AI applications. While the number may not seem high relative to the overall API threat landscape, it highlights a significant trend of increasing API threats to AI applications and equals the total number identified in all of 2023. As organizations rapidly adopt AI/LLMs in enterprise applications and to accelerate the Software Development Lifecycle (SDLC), we see this problem continuing to grow in the immediate future.

Know what to look for with AI API threats
Although organizations are aware that AI has the potential to introduce new threats, most don’t yet have a clear picture of where those threats will come from or what to look for.

Most early hype revolves around issues with AI-generated code, attacks on the embedded Open AI systems (prompt injection attacks, etc.), or AI-generated misinformation. But these are relatively new issues that don’t yet have well-defined cybersecurity solutions to address them.

As this quarter’s ThreatStats report illuminates, AI is using APIs, and potentially significant vulnerabilities impacting AI APIs are already here (ZenML, NVIDIA’s Triton Inference Server, and Hail). This may be a blind spot for organizations as they navigate implementing a comprehensive AI security strategy. That’s why a solution like Wallarm, which can automatically discover the APIs utilized by AI and actively protect against breaches and other API threats, is so important to implement now.

Widely used platforms and vendor suites carry some of the greatest API risk
Despite being trusted by the world's largest companies, major enterprise software vendors aren't immune to cybersecurity vulnerabilities. Their extensive utilization makes them more visible and attractive targets for cyber adversaries (E-commerce, healthcare, financial, IT/ITeS). The list includes widely used web technology platforms like WordPress and Nginx, popular CI/CD tools like GitLab EE and Jenkins, and security solutions from Graylog and Fortinet (FortiSIEM).

The report also notes that DevOps and development tools account for roughly the same percentage of threats as enterprise software (roughly 85% of the total), showing the potential for APIs to introduce significant risk early in the SDLC.

Within the report, we dive deep into a broad range of API vulnerabilities and threats. Please give it a read and let us know what you think.

Download the full report here.
