Google Cloud has launched a new update to Apigee, its API management and predictive analytics service, aimed at tackling business logic attacks that can cause unintended behavior in apps. Business logic attacks are a widespread issue, with 90% of companies reporting revenue loss due to such attacks between 2011 and 2012, according to a study by Silver Tail Systems. To address this problem, Google is introducing machine learning models in Apigee that have been trained to detect potential business logic attacks. The models have been designed to identify subtle behavior changes, such as an attacker with control of a server shifting its “activity patterns.”
Apigee is also releasing dashboards to accurately identify API abuses by detecting patterns within the large number of alerts. These dashboards will capture the essence of attacks, along with critical information such as the source of the attacks, the number of API calls, and the duration of the attacks. With the growth of API traffic, API security has become a heightened priority, and Apigee aims to make it faster and easier to detect API abuse incidents.
API security is a major concern for organizations, with a 400% increase in API attacks reported at the end of 2022. A study by Imperva found that API insecurity costs organizations between $41 billion and $75 billion annually. According to Google’s research, 50% of organizations have experienced an API security incident in the past 12 months, with 77% delaying the rollout of a new service or app.
By introducing AI-powered features in Apigee, Google Cloud is offering businesses an effective solution to address the growing problem of API security incidents. With the ability to detect business logic attacks and accurately identify API abuses, Apigee is helping organizations protect themselves from the financial and reputational damage that can result from these types of incidents.