Core Insights - Akamai Technologies has announced new enhancements to its API Security offerings, aimed at helping customers address evolving threats to APIs, which are increasingly targeted by cyberattacks [1][2] - The company's API Security solutions have received recognition through industry awards and positive customer feedback, indicating strong market validation [1][3] API Security Enhancements - The latest enhancements focus on improving visibility across the API development and production lifecycle, addressing critical security gaps [2] - Key features include: - Managed Service for API Security, which offers real-time monitoring and expert response to early threats [6] - Integration with code repositories for pre-launch risk assessment of APIs [6] - Compliance Dashboard for centralized monitoring against security and privacy standards like PCI DSS v4.0 and GDPR [6] Customer Feedback - Customers have reported significant benefits from Akamai's API Security solutions, highlighting improved visibility and risk management: - A CTO from an insurance company noted enhanced data usage visibility and minimized attack surface [2] - A CISO from a software company emphasized the tool's effectiveness in guiding their AppSec team and simplifying risk assessment [2] - An executive in healthcare praised the robustness and responsiveness of the tool, providing peace of mind regarding API-level visibility [2] Industry Recognition - Akamai's security solutions have recently won three prestigious industry awards, reflecting the company's growing traction in the market [3] - The Senior Vice President of Akamai's Application Security Portfolio stated that the recognition indicates the company is effectively addressing real customer problems [4]

《API研究》中显示，2023年1月至2024年6月间，亚太地区记录到1080亿次API攻击，API攻击占所有 Web攻击的15%。 日前，Akamai发布的《API安全影响研究》（以下简称《API研究》）中显示，过去一年的时间内，中 国在解决API安全事件上花费的成本最高，达到了77.8万美元（约合568万人民币），且在企业内部，管 理层预估API安全事件造成的成本约为51.7万美元，而一线员工则认为将达到92万美元。 苦API攻击久已 针对API的攻击手段已经不是时代的新词，在传统互联网时代，API安全事件就屡见不鲜。具体来看， API攻击的历史可以分为四个阶段。 第一阶段大概时间节点在2000之前，在计算机单机时代（如大型机、Windows 95时期），软件模块间 的交互已出现类似API的机制，但此时接口多用于内部功能调用，安全问题尚未凸显。攻击主要集中于 底层系统漏洞，例如Windows 95的API漏洞。 但随着互联网的兴起，基于CGI（通用网关接口）的Web交互接口出现，成为早期API攻击的雏形。攻 击者通过参数篡改、简单注入等方式尝试突破接口限制。 第二阶段大致时间节点在2000到2010年前后 ...