API security incidents occur at least once a month

Postman released the results of its 2022 State of the API Report, which surveyed more than 37,000 developers and API professionals on a range of topics, including their organizations’ priorities, how they get their work done, and where they see the industry going. This year, the questions expanded to include the economy, employment, and remote work to gain insight into how the tech sector views today’s most pressing business concerns.

“This year, we found not only are most organizations’ development efforts focused on APIs, but firms that go even further and establish an API-first approach tend to outperform and have a more optimistic business outlook. As organizations navigate an uncertain economy, API-first strategies are becoming the backbone that allows organizations to respond rapidly and seamlessly,” said Abhinav Asthana, CEO of Postman.

Key findings

• Organizations are now spending a majority of their development efforts on APIs: Some 51% of respondents said that more than half of their organizations’ development effort is spent on APIs—compared with 40% of respondents in 2020 and 49% last year—underscoring APIs’ role as the building blocks of modern software.
• API investments to remain strong, despite economic headwinds: Investments in APIs will increase or stay the same over the next 12 months, said 89% of global respondents. When polling just executives, a similar level of confidence emerged among 1,400 CEOs, CIOs, and CTOs. These forecasts come even as two out of three respondents indicated a negative view of today’s economy.
• API-first leaders outperform: While only 8% of respondents identified themselves as API-first leaders, this elite group produces APIs faster, deploys more often, has fewer failures, and recovers sooner when failures occur. They also have brighter business outlooks—they were more likely to forecast an increase in hiring, employee retention, and internal spending over the next 12 months.
• Remote work is “very important”: Much of the world views remote work as critical. In North America, 78% of developers and API professionals called it “very important,” exceeding the global figure of 72%. Other regions, such as Asia and Europe value it less highly. The findings come as many remote employees resist a return to the office.
• API security incidents occur monthly at many companies: Some 20% of respondents reported API security incidents or breaches at least once a month at their organization. While the overall picture was more reassuring—52% said incidents happen less than once a year—the data underscores the importance of incorporating security early in the API lifecycle.