Guardians of the Enterprise — Insights from leading cyber experts.

Listen Now →

State of Application Security SMB’s H1 2025

Overview:

While SMBs play a critical role in the economy, limited security budgets, outdated tools, and lack of in-house expertise leave them exposed to an increasingly aggressive threat landscape.

The report reveals that these businesses faced 1.45 billion total attacks in the first half of the year, a 36% increase from H1 2024. On average, each SMB site was hit 3.61 million times, a staggering 127% higher attack rate than enterprises.

Key Takeaways :

  • SMBs faced 1.45 billion attacks in H1 2025, a 36% increase from H1 2024
  • Each SMB site was hit 3.61 million times, 127% more than enterprises
  • 86% of DDoS attacks targeted websites and APIs, with APIs seeing 1,403% higher volume than websites
  • Bots hit 97% of SMB sites, driving credential stuffing and API scraping
  • AI-powered WAAP with human verification and 72-hour remediation helps close the security gap


APPTRANA WAAP

Web apps, APIs, and AI systems. Protected from day one. Autonomously.

OWASP Top 10 protection from day one. Zero false positives, guaranteed. Vulnerabilities discovered and patched at the edge. Experts verify enforcement before policies go live. 24x7 managed services included.

Start Free Trial Explore AppTrana
✓ Gartner Customers' Choice 4 years running 100% customer recommendation rate

No credit card required