SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
APM
#
Cybersecurity
#
DevOps

DevOps tools and infrastructure under attack - report

Fri, 11th Nov 2022
FYI, this story is more than a year old
Author image
By Shannon Williams, Journalist

DevOps tools and infrastructure is under attack, according to a new report. 

Wallarm, the end-to-end API security company, has released its Q3 API ThreatStats Report, which provides deep analysis into all published API vulnerabilities and exploits for the quarter. 

The Wallarm research team dissected the data from a variety of perspectives, including software type, vendor, CVSS scores, CWEs and both OWASP Top-10 (2021) for web apps and OWASP API Security Top-10 (2019). The team also examined publicly disclosed exploit POCs to determine where the risk lies.

The initial analysis indicated that API vulnerabilities and the impacted vendors were leveling off from the significant increase reported in the Q2 API Vulnerability Report, with minimal to no change. Vulnerabilities and vendors impacted experienced a 16% increase, while high to critical rated vulnerabilities remained steady at 57% total.

However, deeper analysis revealed three key findings, which may have costly implications on an organisation’s API security program:

Infrastructure. A vast majority of the most impactful vulnerabilities analysed in the third quater impacted DevOps tools and infrastructure, resulting in a shift of an organisation’s security focus.

Injections. While the OWASP Top-10 Injection categories (A03:2021 for web apps and API8:2019 for APIs) top the charts at over 33% of all CVEs analysed, further inspection reveals many, many variations, which will require extra effort to remediate.

Exploits. A surprising finding was that the average gap between CVE and exploit POC publication was zero days, which greatly impacts a mitigation timeline.

“Almost everyone involved in the API economy, from CISOs and their security teams to DevOps teams and beyond, are talking about API Security this year," says Ivan Novikov, Chief Executive Officer and Co-Founder of Wallarm. 

"However, only a few vendors can explain what it really means, and how to measure and calculate the risks and impact when things go badly,” he says.

“Wallarm has been committed to tracking and analysing API vulnerabilities and exploits, and sharing this with the community via our API ThreatStats reports," Novikov says. 

"This Q3-2022 report is the third in a row, and we clearly see a chilling trend in the number, severity and focus of API vulnerabilities and exploits," he adds. 

"No joke: the top 10 API issues we're seeing affect core DevOps and PaaS products, such as Kubernetes, Rancher, GitLab, HashiCorp, and several others.”

Wallarm end-to-end API security products provide robust protection for APIs, web applications, microservices, and serverless workloads running in cloud-native environments. Hundreds of Security and DevOps teams choose Wallarm to get unique visibility into malicious traffic, robust protection across their whole API portfolio, and automated incident response for better risk management.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Appdome enhances geo-fraud detection with new security features
Three ways CISOs can use Microsoft Copilot for security to strengthen defences
Exabeam, LogRhythm merge to form AI-driven security giant
Radware launches DNSaaS & NoKey to boost cloud services
Security advocate backs Australia's social media ban for teens
Top stories
CrowdStrike's major IT outage prompts call for infrastructure investment
Unlocking the ingenuity of the crowd: Winning the war on cybercrime
Cybersecurity fears rise ahead of 2024 Paris Olympics
BlackBerry reveals new cyber-espionage campaign by SideWinder
Veeam & Splunk enhance backup security with new integration