Get a Demo

2020 RSA Attendee Survey

32% of RSA Attendees Detected Attempts to Exploit Their APIs in the Past 12 Months

SAN FRANCISCO, Calif., Feb 27, 2020 — CloudVector, the next-generation API security solution, today announced the results of “API Security Attitudes & Trends,” a survey conducted at RSA Conference 2020. The survey reveals that digital transformation and cloud migration trends are driving the increased usage of APIs across the enterprise, even as practitioners struggle to discover, monitor, and secure APIs.


“APIs have reached a tipping point that represents a massive risk surface,” said Lebin Cheng, founder & CTO, CloudVector. “These survey results reveal the clear and present danger of this risk: one-third of organizations have detected attempts to exploit their APIs in the past 12 months, but the number is likely much higher since so few organizations have implemented effective API security controls.”


Key findings from “API Security Attitudes & Trends” include:


  • Almost every organization is using APIs — 83% of respondents agreed that digital transformation and cloud migration trends were driving the increased usage of APIs across the enterprise, and 99% admitted their organization was using public, private or third-party APIs (56% were using all three).


  • API security needs to start with DevOps — 64% of respondents claimed their organizations DevOps function was cataloging its API specifications, but 31% said the catalogs were incomplete or outdated. Only 30% of respondents said their organization had a way to discover unknown or outdated APIs to create their own catalogs.


  • API security needs to move beyond the gateway — 64% of respondents are using Web Application Firewalls (WAFs) to detect API abuse and data exfiltration, and 24% of respondents are using API management gateways, but only 32% claim they can actually detect API abuse and data exfiltration of application-to-application API traffic.


Read our “API Security Attitudes & Trends” blog


About CloudVector

CloudVector is enabling organizations to move beyond the gateway and firewall with the industry’s first full-featured API Threat Protection platform. Only CloudVector is able to automatically and continuously discover APIs, monitor for deviant behavior, and secure data from exfiltration to prevent data breaches. CloudVector was founded in 2019 by former executives from Netskope and Agari. Follow CloudVector on Twitter and LinkedIn. Learn more about CloudVector at