According to Datos Insights’ 2023 Cybersecurity Trends You Need to Know About report, API security is number two of the 10 top concerns of security teams. With over 80 API protection solutions available, financial institutions and insurance companies can easily be confused about which solutions best address their API threat landscape. To help organizations wade through the marketing noise and product clutter, we recently completed an in-depth analysis of the API security solution market, including extensive voice of the customer research, on four stand-alone API security solutions used by over 240 organizations. This analysis, published in the new report Datos Insights Vendor Guide: API Security Solutions, serves as a buyer’s guide for organizations seeking a stand-alone API security solution.
Participants of this report represent startup and scaleup vendors that submitted their API security solutions to 100 points of evaluation scrutiny. The report also dives into the market history, size, investment, API threats, and standards. Web application and API protection solutions (WAAPs) are encroaching on distributed denial of service (DDoS), web application firewall (WAF), and bot defense solution markets—organizations would rather acquire an integrated solution that addresses all their web application and API security needs than acquire singular solutions.
Cequence and Salt Security achieved best-in-class in the 2023 Datos Insights Vendor Guide. Both API security solutions scored solidly across all four categories. Cequence (96.3%) edged out Salt Security (92.4%), mainly in the vendor stability category.
In addition to identifying these two vendors as leading the market, our team noted several key findings, including:
- Modest market size, despite healthy compound annual growth rate (CAGR): The API security solution market size is projected to reach US$289 million in 2023. The market is estimated to grow at 24% CAGR, reaching nearly US$700 million in 2027, half the size of the WAAP solution market.
- Managed API security solutions grow in popularity: Customers and prospects prefer solutions where the provider takes care of the heavy lifting of API protection. Many organizations lack API security expertise and access to API threat intelligence to protect APIs effectively. Customers, however, must recognize they still own the risk.
- Solutions are pricey but offer substantial value: Stand-alone API security solutions are a six-figure decision for most organizations. Entry-level pricing can begin below US$100,000, but the annual recurring revenue (ARR) can quickly grow based on use and adoption. Despite the cost, customers are staunchly supportive of their investment and the value stand-alone API protection products provide.
To learn more about the products covered in this research, check out Cequence, FireTail, TeejLab Inc., and Salt Security. This report is part three of a four-part series on API security. To read the predecessor reports, API Security: Market Landscape, March 2023, and Web Application and API Protection (WAAP): Market Landscape and Product Deep Dive, July 2023. Contact me here to ask any API-related questions or share your API protection experiences.