API security is a hot topic. But do you know that the first vulnerability in API was publicly disclosed 24 years ago, back on April 2, 1998?

So we decided to make an overview on trends, vulnerability types and affected products over the course of last years:
• ~7000 reports, including CVE, bug bounty reports and others sources analyzed
• About 1000 issues /year during last 3 years and it’s growing
• All the data will be available to download and further research

This work is based on research of API security issues and exploits that were disclosed throughout the last years. We explain what issues were found, and which vendors and products were affected. We map these issues across industry standards, including CWEs, CVEs, both OWASP Top-10 and API OWASP Top-10, and CVSS scores.

You will learn about oldest and newest API issues and how they evolved, their exploitation possibilities, and how to protect your APIs against them.