According to a recent Ovum survey of 100 IT and security professionals, 30 percent of APIs are designed without any input from the security team, and 27 percent of APIs proceed through the development stage without the security team getting involved.
The survey also shows that there is disagreement among IT teams as to who should have ultimate responsibility for API security. The research shows that 53 percent of respondents believe security teams should be responsible for API security, while 47 percent believe the developer teams should hold responsibility.
Other takeaways from the study include:
- The majority of companies are running some type of API management platform with 87 percent saying that they were using an API management platform that was either created in-house or from a third party provider.
- 20 percent of companies are running more than 50 APIs.
See the infographic here for more information from the survey.