1、2022 State of API SecurityMay 2022 EMA Research ReportChristopher M.Steffen,CISSP,CISAManaging Research Director,Information Security,Risk and Compliance ManagementSponsored by:Table of Contents1 Introduction3 Key Findings5 Voices of the Survey Respondent Quotes7 Technology Trends10 Shining a Light

2、on the State of API Security15 EMA Perspective17 Research Methodologies and DemographicsIntroduction.2Introduction EMA Research Report|2022 State of API SecurityFor years,security vendors have discussed DevSecOps solutions and the ben-efits they bring to the mature enterprise,but forecasted attacks

3、on APIs and infrastructure as code(IaC)have put application security in the spotlight.Organizations of every size will invest in application security tools and tools that address every market of every size will have a decisive advantage toexploit this emerging trend.Modern applications,composed of f

4、unctions and services,require developers to rely on APIs to communicate between applications and their components to share data and drive functionality.These applications are mobile,distributed,and have instances in cloud and on-premises.The trend of remote working has created a need for agile,conne

5、cted applica-tions and deprioritized on-premises application access.This is driving network and application re-architecture,as well as adoption and transitions to cloud while increasing the use of open APIs in many vertical industries.For most organizations,gaining a consolidated view of their confi

6、guration and security parameters is challenging because many of these applications are deployed in a variety of platforms,change frequently,and may include open-source compo-nents.Also,due to constant and rapid changes,many of these applications are poorly documented,with API security often becoming