Do you have an API security project in 2022?
Yes – Funded
20%
Yes – Investigating only
19%
No – Planned for 2023 +
20%
Not planning to pursue
41%
Who is responsible for API Security?
Security
18%
App Developers
20%
Application Security Champion
10%
DevOps
20%
Platform engineering
12%
Don’t know
19%
What is your API security maturity?
Well established
19%
Being defined
22%
Investigating
18%
Adhoc
15%
Not a current priority
27%
Does your DevSecOps prioritize API Security?
Yes
45%
No
14%
Not doing DevSecOps currently
40%
Which API Security practices do you follow most? (select all that apply)
Vulnerability identification
47%
OWASP API Top 10 remediation
41%
OAuth or other API authentication
38%
Rate limiting
27%
Zero-Trust
30%
API gateways
49%
Code scanning
43%