Boston, February 4, 2020 – API breaches continue to rise worldwide despite the use of API gateways and legacy web application firewalls to secure APIs. Clearly, application security is no longer enough to protect organizations and their data, and security shouldn’t be a feature of an API gateway. Can a new security product—API security gateways—more effectively secure organizations’ externally and internally facing APIs?

This report defines ASGs and highlights API gateway solutions’ failure to secure APIs. It also emphasizes a need to decouple ASGs from the API gateway product category. It is based on interviews with vendors and clients as well as hands-on testing and analysis of adversarial techniques used to breach API servers.

This 26-page Impact Report contains four figures and five tables. Clients of Aite Group’s Cybersecurity service can download this report, the corresponding charts, and the Executive Impact Deck.

This report mentions 42Crunch, Forum Systems, and Salt Security.