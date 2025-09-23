Indusface released its State of Application Security – India H1 2025 Report. The findings reveal a 15% increase in cyberattacks compared to H1 2024, with over 4.26 billion attacks blocked by AppTrana WAAP during the six-month period. Each site faced an average of 4.1 million attacks, underscoring the rising intensity of targeted threats across Indian enterprises.

APIs emerged as the most vulnerable target. API attacks grew by 126% year-on-year, with vulnerability exploitation increasing 13 times and DDoS incidents on API hosts surging 388% per site. In total, more than 1.36 billion API attacks were recorded in H1 2025. In contrast, website attacks rose by 11%, with vulnerability exploits up 26% and DDoS attacks up 15%. AppTrana blocked 62% of all attacks through custom rules tailored to specific applications, while 38% were mitigated by its default rule set, reflecting the growing sophistication of targeted threats.

The report also highlighted the persistence of bot-driven and DDoS activity. Over 1.51 billion DDoS attacks were blocked in the first half of 2025, affecting 70% of monitored sites, while 90% of websites experienced bot attacks, totalling 45.3 million incidents. Attack traffic originated largely from India, followed by the United States, France, Singapore and Germany.

Advertisement

India is now among the top five global sources and targets of application-layer attacks. Attackers are shifting from high-volume disruption to low-and-slow precision exploits, often weaponising zero-days within days of discovery. Nearly 40% of Indian enterprises admitted they lacked resources to respond to continuous vulnerabilities, leaving critical applications exposed for prolonged periods. Alarmingly, one-third of high-severity vulnerabilities in India remained unpatched for more than six months, creating a persistent attack surface.

Sectoral analysis showed sharp increases in cyber threats across industries. Insurance recorded a 309% rise in overall attacks, with DDoS surging 350% and vulnerability exploits increasing tenfold. Manufacturing reported a 311% increase, with DDoS up 427% and vulnerability exploits up 459%. Banking and financial services faced a 14% rise in overall attacks, vulnerability exploitation up 46%, and DDoS incidents spiking 172% during Operation Sindoor, underscoring how geopolitical events intensify sector-specific risks.

Healthcare websites reported a 247% increase in targeted attacks blocked via custom rules, with every monitored site hit by bots. Retail and e-commerce faced a 420% surge in DDoS incidents and 127% higher vulnerability exploitation, alongside bot-driven carding and credential abuse. Small and mid-sized businesses were disproportionately affected, facing 202% more website attacks, 74 times more API attacks and 121 times higher API DDoS incidents compared to large enterprises.

“Vulnerability attacks, especially on APIs, have surged 13x compared to last year. APIs are now one of the biggest risk surfaces for enterprises because of extensive third-party integrations and the sensitive data flows they enable. Through our exploit analytics, we’ve given enterprises unmatched visibility into these attacks and blocked them instantly using autonomous vulnerability remediation.” Said Ashish Tandon, Founder & CEO, Indusface.

“Most importantly, AI helped us shrink the mean time to remediate (MTTR) from months to days. We’ve already helped customers generate thousands of zero-vulnerability reports, with an average turnaround of just 12 hours. That is a game-changer when you consider that hackers weaponise new vulnerabilities in under 48 hours, particularly for critical CVEs. With Indusface, customers can stay not just compliant, but a step ahead.” Added, Ashish.

Indusface’s ROI Analysis of Managed WAAP demonstrated measurable business value for Indian enterprises. Indian enterprises gained annual value of up to ₹21 lakhs just in operational savings. Key benefits included improved vulnerability remediation cycles,minimised reliance on internal teams; continuous DDoS and bot mitigation reduced outage-related losses; and avoided penalties and reputational damage associated with non-compliance and breaches.

The study further estimated that DDoS monitoring cost avoidance alone delivered savings of up to 40% compared to traditional in-house monitoring and incident response frameworks, highlighting how managed WAAP services can be a cost-efficient alternative.

The report revealed 18,000 critical and high-severity vulnerabilities across applications in India in H1 2025, with one-third of these left open for over six months. AppTrana immediately mitigated all attempts to exploit these open vulnerabilities through virtual patching. Zero-day vulnerabilities also climbed steeply, with 3,508 detected in the first half of 2025 compared to 1,265 a year earlier. AppTrana customers benefited from 100% protection against these zero-days, with 98% covered by default rules and the remainder secured by custom mitigations.

With regulators such as SEBI and RBI intensifying their scrutiny, the report emphasises that faster vulnerability detection, real-time patching and continuous monitoring will be vital. For resource-constrained SMEs, managed WAAP solutions with AI-driven bot mitigation, adaptive DDoS defense and automated vulnerability management will be essential to withstand the rising tide of application-layer threats.