CDNetworks' State of WAAP Report reveals 887.4 billion web App and api attacks in 2024, a 21.4% yoy increase

CDNetworks, the APAC-leading network to deliver edge as a service, today released its latest State of Web Application and API Protection (WAAP) Report. The report shows that CDNetworks' security platform intercepted 887.4 billion web attacks targeting applications and APIs in 2024, marking a 21.4% increase compared to the previous year.

The report also highlights a rise in both the intensity and sophistication of attacks, fueled by the rapid adoption of AI automation tools. In 2024, terabit-level DDoS attacks increased nearly tenfold, with 86% lasting more than 10 minutes. At the same time, CDNetworks' AI-powered defenses blocked 114.7% more malicious bot traffic compared to 2023. These trends point to a more challenging threat landscape, where attacks are easier to launch and increasingly difficult to defend against.

Other key findings of the report include:

·Gaming platforms remained top DDoS targets; e-commerce bot attacks increased by 46.2%.

·78% of API attacks occurred post-authentication, revealing a significant security gap.

·Web exploit attacks surged by 35.01%, with HTTP protocol violations identified as a primary attack vector.

·AI-powered defense has become essential against evolving threats (e.g., low-and-slow DDoS, AI-driven bot attacks).

The State of WAAP Report 2024 also provides strategic recommendations to help organizations strengthen their security posture and prepare for future security challenges.

"The landscape of web application and API attacks is shifting dramatically due to increased automation and complexity," said Antony Li, Global Head of Infrastructure at CDNetworks. "Our report uncovers these emerging challenges and highlights why intelligent, AI-powered defenses are no longer optional but essential."