OM138153

All set! This article has been sent to my@email.address.

All fields are required. For multiple recipients, separate email addresses with a semicolon.

Please make sure all fields are completed.

Please enter a valid e-mail address

Please make sure you have filled out all fields

Name

Please make sure you have filled out all fields

Subject:

Add a personalized message to your email

Cancel

Please Note: Only individuals with an active subscription will be able to access the full article. All other readers will be directed to the abstract and would need to subscribe.

API Security From Development to Runtime

Analyst Opinion 06 Jan 2025 John Grady Melinda Marks

Figures & Downloads

Contents

The breadth of tools used to secure APIs and issues with collaboration across personas responsible for ensuring secure development, deployment, and operation of APIs may be creating more challenges than organizations realize.

Omdia view

Summary

Every API is a potential attack vector, and adversaries have a variety of avenues to compromise endpoints at their disposal.

Attacks on availability, exploitation of weak authentication, and the abuse of shadow APIs are all common and can easily lead to sensitive data loss. The breadth of tools used to secure APIs and issues with collaboration across personas responsible for ensuring secure development, deployment, and operation of APIs may be creating more challenges than organizations realize. Success requires security operations and tools spanning the software development process, from development to runtime, to help teams discover, manage, configure, monitor, and protect APIs. Leaders need to understand the behaviors that forward-thinking organizations have undertaken and how to properly assess solutions to secure APIs from development to runtime.

To gain insights into these trends, we surveyed 385 IT, cybersecurity, and application development professionals in North America (US and Canada) involved securing their organization’s APIs.

Research Report: API Security From Development to Runtime

Appendix

Author

John Grady, Principal Analyst, Cybersecurity

Melinda Marks, Practice Director, Cybersecurity, Cybersecurity

[email protected]

An error occured. Please try again later

You are now following this Analyst

You unfollowed this Analyst

The Analyst Team

John Grady

Follow Analyst

Principal Analyst, Network Security & Web Application Security

Principal Analyst John Grady uses his nearly 20 years of IT vendor and analyst experience to help clients identify and understand key market trends, refine their messaging, and succeed more in the marketplace.

Before joining Enterprise Strategy Group, John spent four years at Symantec, responsible for market insights and analytics supporting product, go-to-market, and executive stakeholders.
At IDC, John covered network, web, and email protection and led initial research initiatives on previously emerging areas such as advanced threat prevention and DDoS protection. As an analyst, he has also focused on infrastructure channels, advising clients on indirect go-to-market strategies.
John has written for Dark Reading and been quoted in Network World, CSO, eWeek, CRN, Silicon Angle, ITPro, SDX, HelpNet Security, and TechTarget. He holds a BA in History from Providence College in Providence, Rhode Island.

Melinda Marks

Follow Analyst

Practice Director, Cybersecurity

Practice Director Melinda Marks leads ESG’s analyst team focused on cybersecurity. Melinda covers technologies that help organizations scale safely while adopting faster cloud-native development cycles.

Melinda has over 20 years of experience in technology marketing and strategy, focusing on product value and revenue growth. She has held leadership roles at Soluble (acquired by Lacework), Armorblox, Styra, StackRox (acquired by Red Hat), Tenable, Qualys, and VMware, where she built the customer reference program and led product PR. She is a Synopsys Outreach Foundation board member and has a bachelor’s degree in English from UC Berkeley.

Topics Show all

Enterprise

Become A Client

Find out more about our full suite of products and solutions.

Become A Client

You must sign in to use this functionality

Authentication.SignIn.HeadSignInHeader

Omdia Recommends

These are Omdia driven recommendations based on content that is both similar, and has been frequently visited by other users in combination with the content you are currently viewing.

Omdia Recommends

Our expert analysts will review your question and the Ask an Analyst team will get back to you. We aim to respond within 24 hours, but we’re often quicker.

Our team of experts are here to answer your questions. From advice on market trends to a query on research point, and everything in between, we want to hear from you.

Ask an analyst is available as part of a subscription. If you'd like access, contact us today.

Please make sure all fields are completed.

From

Your Question

This question field is mandatory

Preferred response PREFERRED ANALYST/S

Cancel

Connecting you with research that matters

Email Article

API Security From Development to Runtime

Contents

Figures & Downloads

Omdia view

Summary

Every API is a potential attack vector, and adversaries have a variety of avenues to compromise endpoints at their disposal.

Appendix

Further reading

Author

John Grady, Principal Analyst, Cybersecurity

The Analyst Team

John Grady

Melinda Marks

Topics Show all

Become A Client

You must sign in to use this functionality

Authentication.SignIn.HeadSignInHeader

These are Omdia driven recommendations based on content that is both similar, and has been frequently visited by other users in combination with the content you are currently viewing.

Omdia Recommends

Thank you

Ask an Analyst

Become a client

Email Article

API Security From Development to Runtime

Contents

Figures & Downloads

Omdia view

Summary

Every API is a potential attack vector, and adversaries have a variety of avenues to compromise endpoints at their disposal.

Appendix

Further reading

Author

John Grady, Principal Analyst, Cybersecurity

These are Omdia driven recommendations based on content that is both similar, and has been frequently visited by other users in combination with the content you are currently viewing. Omdia Recommends

The Analyst Team

John Grady

Melinda Marks

Unfollow Analyst

Follow Analyst

Topics Show all

Become A Client

You must sign in to use this functionality

Authentication.SignIn.HeadSignInHeader

These are Omdia driven recommendations based on content that is both similar, and has been frequently visited by other users in combination with the content you are currently viewing. Omdia Recommends

Thank you

Ask an Analyst

These are Omdia driven recommendations based on content that is both similar, and has been frequently visited by other users in combination with the content you are currently viewing.

Omdia Recommends

These are Omdia driven recommendations based on content that is both similar, and has been frequently visited by other users in combination with the content you are currently viewing.

Omdia Recommends