Radware Cyber ​​Survey reveals key weaknesses

Applications of AI
Daniel JLeave a Comment on Radware Cyber ​​Survey reveals key weaknesses


  • Only 8% of organizations use AI-based protection solutions
  • Only 6% of respondents have complete documentation for all APIs
  • Half of respondents don't know that third-party code is being used in the app
  • Only 29% of security staff who are fully trained to handle API business logic attacks are fully trained

Mawa, New Jersey, June 12, 2025 (Globe Newswire) – Radware® (NASDAQ: RDWR) today released a new report, the global leader in application security and delivery solutions for multi-cloud environments. 2025 Cyber ​​Survey: Application Security at Breakpoints. The study reveals a rapidly growing threat area as organizations' cyber defenses are lagging behind. This includes a major lack of protection against AI threats, APIs and business logic attacks, and more.

“The weaponization of AI by malicious actors has strengthened cybersecurity threats and brings more attention to areas where businesses simply aren't protected,” says Shira Sagiv, Vice President of Product Portfolio at Radware. “Internal alarms should echo. While companies openly acknowledge the gaps in cyber protection and lack of preparation, particularly the lack of scope for web applications and APIs, their use continues to create even more risk and exposure.”

Important findings

Scramble is to catch up with AI
The report says using AI to improve and enhance hacking trade craft is the biggest concern. Organizations are very concerned about threat actors who use AI to generate new attacks with faster cadence, bypass existing defenses, and threaten areas that previously compromise areas that are less likely to attack.

  • Most important concern: The next percentage of respondents are very concerned about hackers using AI.
    • 70% to create/improve hacking tools.
    • 67% to generate more cyberattacks.
    • To launch New Zero-Day Attack Vectors – 66%.
  • Big gaps in preparation: Despite concerns about hackers employing AI, only 8% of organizations currently use AI-based solutions for defense.
  • AI adoption: Four of the five organizations plan to implement AI-based cybersecurity solutions within the next 12 months.

Security can't keep up with the vast API ecosystem
The API is in a constant state of fluctuation. Organizations are increasing the use of APIs even when they are not protected.

  • Surge in API usage and updates: In 2025, API usage increased by 42% compared to the highest utilization rate in 2023, with multiple daily updates that have surged six times over the same time frame.
  • A wide range of third-party usage: On average, organizations use 19 third-party APIs per application. This introduces a new type of threat about data compromise that cannot be mitigated at the coding level.
  • Bad Business Logic Attack Mitigation: A common form of API attacks, business logic attacks represent a rapidly growing threat area. 81% of respondents said it is very or very important to have real-time protection measures in place.
    • Half of them have deployed runtime business logic protection.
    • Only 29% of security staff are fully trained to detect and mitigate these attacks.
  • Lack of preparation:
    • On average, only 6% of respondents who have complete documentation for all APIs responded.
    • Half of respondents do not know which third-party code is being used in their web applications. This data is leaked to third party services.

The risk to resilience continues to rise
Research respondents expressed lack of confidence in the effectiveness of a defensive attitude towards increased threats.

  • Third Party Violation: Only 16% of respondents are confident in their current protection against attempted data breach of third-party service code running in web applications.
  • Costly DDOS confusion: The average downtime caused by application DDOS attacks is $6,100 per minute or $366,000 per hour.
  • expensive compliance pressure: An average of 54% of respondents expressed high or extreme concern about a variety of regulations, including NIS2, HIPAA, SEC, PCI DSS 4, GDPR, DORA, SOX, and more.

Methodology
The survey, conducted at Osterman Research, includes compliance, highest risk, and responses from data privacy personnel. Vice President of Research and Development. Senior Network Security Administrator. Senior DEVOPS and DEVSECOPS Administrators. Cloud Security; API Architect; among other titles. The survey was conducted in nine North American countries: EMEA, APAC and LATAM.

Radware is complete 2025 Cyber ​​Survey: Application Security at Breakpoints You can download it here.

About Radware
Radware® (NASDAQ: RDWR) is the global leader in application security and delivery solutions for multi-cloud environments. The company's cloud applications, infrastructure and API security solutions use AI-driven algorithms to use accurate, hands-free, real-time protection from the most sophisticated web, applications, and DDOS attacks, API abuse, and bad bots. Businesses and airlines around the world rely on Radware solutions to address evolving cybersecurity challenges and protect brands and business operations while reducing costs. For more information, please visit the Radware website.

Radware encourages you to join our community and follow us on Facebook, LinkedIn, the Radware blog, X and YouTube.

©2025 Radware Ltd. All Rights Reserved. The Radware products and solutions mentioned in this press release are protected by Radware trademarks, patents and pending patent applications in the United States and other countries. For more information, please visit https://www.radware.com/legalnotice/. All other trademarks and names are the property of their respective owners.

This press release and 2025 Cyber ​​Survey: Application Security at Breakpoints is for informational purposes only. These materials are not intended to be indicators of Radware's business performance or operating outcomes for the previous, current or future period.

Radware believes that the information in this document is accurate in all important respects on the date of publication. However, the information is provided without express, statutory or implied warranty and is subject to change without notice.

The content of the website or hyperlinks mentioned in this press release is for informational purposes only and is not part of this press release.

A safe port statement
This press release contains “forward-looking statements” within the meaning of the Private Securities Litigation Reform Act of 1995. Any statements made here that are not statements of historical facts are forward-looking statements, including statements relating to Radware's plans, outlook, beliefs or opinions. In general, words like “believe,” “expectation,” “intention,” “estimate,” “estimate,” “plan,” and “will,” “scheduled,” “so,” “so,” “will,” “may,” and “can,” can be identified by words like “believe,” “expectation,” “expectation,” “intention,” and “plan.” For example, when we say in this press release that weaponizing AI by malicious actors has strengthened cybersecurity threats and that companies are simply focusing on unprotected areas, and that their use continues to create more risk and exposure, we use forward-looking statements. As such statements deal with future events, various risks and uncertainties depend on, and actual results expressed or implied by such forward-looking statements may differ materially from current forecasts and estimates by Radware. Factors that could cause such differences include, but are not limited to, the consequences of the global economic situation, including the result of the war declared in Israel in October 2023, instability in Ukraine, tensions between China and Taiwan, tensions between financial and credit market fluctuations (including rising interest rates), and the effects of global trade binding. Our reliance on independent distributors to sell our products. Ability to effectively manage expected growth. Our business has been affected by sanctions, export controls and similar measures targeting Russia and other countries and territories, including other responses to Russian military conflicts in Russia and dealing with Russian entities by many multinational corporations in various industries. The ability for vendors to provide hardware platforms and components to the manufacture of our products. Ability to attract, train and retain qualified personnel. Fierce competition in the market for cybersecurity and application delivery solutions, and changes in the industry in general and the competitive environment. Our ability to develop new solutions and enhance existing solutions. If end users experience a security breach, or if information technology systems and data, or service providers or other contractors are compromised by cyberattackers or other malicious actors, the impact on our reputation and business in the event of any actual or perceived shortcomings, flaws or vulnerabilities of our solutions. The use of AI technology that presents regulatory, litigation and reputational risks. Risks related to the fact that our products must interoperate with the operating systems, software applications, and hardware that other products develop. Stop, suspend or delay in hosting services. Risks related to global operations, such as difficulties and costs of staffing or managing foreign businesses, the laws or regulations of the host country, partial or full expropriation, export obligations and quotas, local taxes, economic or political instability, rebellion, war, natural disasters, major environmental, environmental, environmental concerns, etc.; local tax or political instability; local tax or political instability; local tax or political instability; Past net losses and the likelihood of future losses. slowing the growth of the cybersecurity and application delivery solutions market, or developing the market for cloud-based solutions. A long sales cycle of solutions. Risks and uncertainties related to acquisitions or other investments. The history of corruption and risks associated with doing business in a country with foreign governments. Changes in foreign currency exchange rates. Risks related to undetected defects or errors in our products. The ability to protect unique technologies. A claim for intellectual property infringement by a third party. Laws, regulations, and industry standards that affect our business. Open source and third party license compliance. Complications in the design or implementation of a new Enterprise Resource Planning (“ERP”) system. Reliance on information technology systems. ESG disclosure and initiatives. And other factors and risks that we may have little or no control over. This list is intended to identify only the key factors that may differ in actual results. For a more detailed explanation of the risks and uncertainties affecting Radware, please refer to Radware's Annual Report on Form 20-F, the Annual Report on Form 20-F filed with the Securities and Exchange Commission (SEC), and other risk factors discussed from time to time by Radware in reports filed or filed with Sec. Forward-looking statements will only be spoken as of the date they are made, and unless required by applicable law, Radware does not assume any commitment to amend or update any forward-looking statements to reflect events or circumstances after the date on which such statements are made. Radware's public declarations are available from the SEC website. www.sec.gov Or you can get it on the Radware website www.radware.com.

Media Contact:
Geri Dyrek
Radware
gerri.dyrek@radware.com

Photos accompanying this announcement are available at

https://www.globenewswire.com/newsroom/attachmentng/F5342914-5AE1-430E-A838-B75E663C5EB4

https://www.globenewswire.com/newsroom/attachmentng/83a75b37-0294-485f-a2b8-c968fd9fce15

https://www.globenewswire.com/newsroom/attachmentng/08209312-e0da-48d4-a5aa-aa7deea6b77d



Source link

Related Posts

AI diagnostics can wait. Just eliminate “pajama time”.

Daniel J

Leader Schumer Announces AI Legislation Effort

Daniel J

Nvidia partners with Snowflake to build generative AI applications

Daniel J

Leave a Reply

Your email address will not be published. Required fields are marked *