India’s digital landscape is rapidly evolving, and application programming interfaces (APIs) are playing a crucial role in this transformation. They serve as essential connectors and breathe life into machine learning organisations.
However, with increased dependence on APIs, comes a significant rise in security challenges. The more interconnected systems become, the greater are the potential vulnerabilities that can be exploited. This is where Artificial Intelligence (AI) steps in.
Why APIs Need To Be Secured?
APIs are the backbone of modern applications, powering everything from mobile banking to e-commerce platforms. This makes them prime targets for malicious actors. Notably, successful attacks can potentially lead to data breaches, financial losses, and service disruptions.
Pratik Shah, managing director of India and SAARC at F5 Networks, told AIM, “APIs account for nearly 90% of global web traffic, and the number of public APIs has grown by 460% over the past decade. However, their growing adoption has also made them prime targets for cyber threats, including broken authentication, injection attacks, server-side request forgery and many more.”
“India’s journey towards becoming a global digital leader hinges on the strength of its underlying infrastructure — APIs. These interfaces are the backbone of our digital economy, connecting critical sectors like finance, healthcare, e-commerce, and government services,” he added.
Shah revealed that the Indian Computer Emergency Response Team (CERT-In) reported a 62% rise in API attacks in just the first half of 2024. These attacks are not merely technical breaches; they represent real economic threats, compromising trust, data, and business operational stability.
As per a recent report by Indusface on the State of Application Security in 2024, APIs faced 68% more attacks than websites. DDoS attacks on APIs in particular have surged by 94% quarter-over-quarter, making it 1,600% more than what websites experience. In addition, bot attacks on APIs have increased by 39%.
API Security in India Using AI
Since 2023, CERT-In has incorporated training programs in its annual reports for government officials, the finance and banking sectors, and others, to emphasise the importance of API security and the use of AI to better protect APIs.
In addition, they released a whitepaper in collaboration with Mastercard on using AI to secure APIs in the future.
With the advent of AI advancements and the scale of innovation, traditional methods are no longer the most effective forms of security.
“Unlike traditional security mechanisms that rely on static rules, AI enables automated mitigation by proactively blocking, throttling, or challenging suspicious traffic without interfering with legitimate users,” Shah further said.
“Additionally, AI models continuously integrate the latest threat intelligence, allowing organisations to stay ahead of evolving attack vectors, including zero-day vulnerabilities.”
Sharing an example of how his company, F5, tackles this, Shah mentioned that they have developed an AI-driven platform that integrates API discovery, vulnerability detection, and real-time monitoring.
Considering the applications deal with massive amounts of telemetry data, AI can automate the process of detecting anomalies in real time, helping businesses protect themselves long before a breach can occur.
“AI’s predictive capabilities allow business leaders to proactively secure APIs, maintaining trust, compliance, and operational efficiency across their digital systems,” he noted.
Meanwhile, sharing his thoughts on this with AIM, Nassim Asrir, co-founder at ZeroZenX, mentioned, “I believe that AI-powered cybersecurity tools can play a significant role in securing APIs, but it is important to have a balanced perspective on their capabilities.”
“However, it is crucial to recognise that while AI can greatly reduce the risk of API breaches it cannot eliminate the threat entirely. AI is a tool designed to detect and mitigate known and unknown external threats, but it is not infallible,” Asrir added.
The Future of AI-Powered API Security in India
The future of API security in India is intertwined with the continuous advancement and adoption of AI.
Sameer Meher, a cybersecurity expert at EY, told AIM, “AI is playing a big role in keeping APIs secure in India. With digital transactions and data sharing growing rapidly, AI helps detect threats in real time, spot unusual activities, and stop attacks before they cause damage.”
As AI technology evolves, we expect even more sophisticated solutions for threat detection, vulnerability management, and authentication.
By embracing AI-powered API security, India can build a robust and resilient digital ecosystem, fostering innovation and trust in the digital economy.
