API security
cloud security
Cyber landscape
Cybersecurity
July 26, 2024

Cloudflare’s Application Security Report

Cloudflare’s Application Security Report

Cloudflare released its latest Application Security Report, which contained some startling news. They found that nearly 7% of all web traffic is malicious. But what does this really mean?

The exact figure reported- 6.8%- is a full percent up from last year. 

One of the biggest factors influencing this increase has been the amount of wars and elections going on. 2024 is a huge year for democracy, with around 97 countries voting on leaders from the United States and Russia to Bangladesh and Brazil. Additionally, tensions are up with conflicts between Israel and Palestine, as well as Congo and other countries. The political climate has huge impacts on cybersecurity as many hacker groups are politically motivated (such as Russian groups REvil and KillNet). 

New vulnerabilities are being exploited at faster rates than ever before, often less than one hour after a new software is pushed to production. Additionally, zero-day exploits are up even more than in 2023. 

“However, Distributed Denial of Service (DDoS) attacks continue to be cybercriminals’ weapon of choice, making up over 37% of all mitigated traffic.”

Cloudflare reports that they blocked over 4.5 million DDoS attacks in the first quarter of 2024 alone, which is more than a third of the attacks they’d blocked off last year. And not only is the volume of attacks increasing, but so is the sophistication.

The report also highlights the dire need for increased API security. With over 83% of all web traffic being API-related, now more than ever, APIs are becoming the preferred attack target for bad actors. The primary concern is that many organizations are unaware of all their API endpoints, which makes it impossible to catch all the vulnerabilities before exploitation. After all, if you can’t see it, you can’t secure it.

“Evidence suggests the average enterprise application now uses 47 third-party scripts and connects to nearly 50 third-party destinations.”

Each of these connections has its own set of unique vulnerabilities that organizations need to address in order to stay on top of their API security.

Cloudflare also found out that a disturbingly high rate of the HTTP requests they are processing are automated bot traffic- as much as 38%. Although some bots can be harmless, up to 93% of them are potentially bad. 

Companies must take charge of their API security in an increasingly threat-filled environment. Today, an effective API security approach is multi-layered and begins at the application layer with full visibility into your API environment.

Take charge of your API security with FireTail today. To see how it works, schedule a demo here. Or to try it out yourself, sign up for our free tier here- you don’t even need a credit card.

Lina Romero

Related posts

FireTail Joins Wiz Integration (WIN) Platform
October 22, 2024

FireTail Joins Wiz Integration (WIN) Platform

Technology Partnership Enables Mutual Customers to Reduce Cloud Risk and Enhance API Security

Read more
Disclosure: Multiple Vulnerabilities in Granicus eFiling Platform
October 16, 2024

Disclosure: Multiple Vulnerabilities in Granicus eFiling Platform

Granicus, a platform offering government solutions including an efiling platform called eUniversa, was recently discovered to be vulnerable to outside attack.

Read more
Star Health Data Leak: The Call is Coming from Inside the House
October 16, 2024

Star Health Data Leak: The Call is Coming from Inside the House

Star Health suffered a massive data leak via API access. The personal information of millions of victims has been compromised, and worst of all, there may have been an insider who facilitated the breach.

Read more

This site uses cookies

By using this website, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

Got it!