The web application security landscape in early 2025 reflects unprecedented complexity and sophistication in threat vectors. Organizations are confronting a marked increase in attacks that target web applications — Akamai observed more than 311 billion web application and API attacks in 2024 alone, representing a 33% year-over-year increase. This surge correlates directly with the accelerated adoption of cloud services, microservices architectures, and artificial intelligence (AI)–powered applications. Geopolitical factors have further intensified this landscape, with the high technology, commerce, and social media industries experiencing the most significant volume of Layer 7 (application-layer) distributed denial-of-service (DDoS) attacks. Notably, threat actors are now deploying AI-generated kill chains that automate the entire attack lifecycle.

Read the full report by clicking on the download button below.