Articles about API

APIs are the glue that holds together the modern enterprise. As digital transformation projects get the boardroom green light in ever greater numbers, so the infrastructure connecting software, data and experiences has expanded. Yet a potential storm is coming in 2025, as a new wave of agentic AI innovation takes hold in the enterprise. In fact, Gartner predicts over 30 percent of the increase in demand for APIs will come from AI and tools that use Large Language Models (LLMs)by 2026.

Unless organizations can mature their API security posture, next year could be the first time we see an LLM app security breach linked to APIs. And without improved API observability, it won’t be the last.

Continue reading →

A new study finds 25 percent of respondents have encountered AI-enhanced security threats related to APIs or LLMs, with 75 percent of respondents expressing serious concern about AI-enhanced attacks in the future.

The research from API specialist Kong shows that although 85 percent say they're confident in their organization's security capabilities, 55 percent of respondents have experienced an API security incident in the past year, highlighting a notable disconnect.

Continue reading →

As organizations increasingly adopt AI capabilities, the most common and dangerous attacks often go undetected by static code scanning or traditional security methods.

The only effective way to stop common AI attacks, such as prompt injection and zero-day vulnerabilities, is through active runtime detection and defense. Operant AI is launching a new 3D Runtime Defense Suite aimed at protecting live cloud applications, including AI models and APIs in their native environments.

Continue reading →

Digital services, including Generative AI, rely heavily upon Application Programming Interfaces (APIs) to access and relay data. But securing these conduits can be difficult so is this a problem that AI could help solve?

We spoke to James Sherlow, systems engineering director, EMEA, at Cequence Security, to find out how Generative AI might be used to address API security.

Continue reading →

APIs are essential to the smooth running of the internet, allowing the seamless transfer of information between applications and services.

Of course all of this happens behind the scenes but that's not to say that APIs should be ‘out of sight out of mind'. We spoke to Mayur Upadhyaya, CEO at APIContext, to learn more about API Security and the importance of APIs in general.

Continue reading →

Over the past few years, technology teams have split into smaller work groups with more focused tasks. The rise of the cloud has created the need for DevOps teams, and the gap has grown wider between teams that build products and teams that manage products.

At the same time, applications have become dramatically more complicated. This has given rise to specialized site reliability engineers who are well-versed in monitoring all application components, including APIs. However, focusing API resilience in one team has allowed organizations to treat the symptoms rather than the underlying problem.

Continue reading →

Most organizations find themselves in the midst of their API security journey, racing to keep pace with expanding API ecosystems in a colossal threat landscape. As a core enabler of modern applications, facilitating seamless connectivity and powering mobile and web applications, APIs are everywhere. The DevOps revolution has completely transformed the pace at which developers can design and build APIs faster than a security team can match. 

Large enterprises are operating with tens of thousands of APIs, and even small organizations have a surprising number, both internal and external. With applications and API portfolios becoming increasingly complex, maintaining a comprehensive understanding of all existing APIs has emerged as a significant hurdle. As APIs can quickly become obscured or forgotten, many organizations lack accurate context into the sheer scale and volume of APIs that persist across their infrastructure -- subsequently resulting in the absence of a full picture of their attack surface. As one cannot secure what they cannot see, the absence of discovery mechanisms opens organizations to a host of security risks.  That is why API discovery is now a crucial process for security teams, designed to identify, catalog, and assess APIs. 

Continue reading →

A new report shows that while 14 percent of organizations experienced an API attack in the last 12 months, only 38 percent say they have an API security solution in place.

The research from Traceable AI, based on a security of cybersecurity delegates at the RSA conference, finds that although 43 percent of organizations say they do not struggle with API sprawl, 33 percent are unsure if they are managing it effectively, and 24 percent acknowledge they are struggling.

Continue reading →

The popularity of Large Language Models (LLMs) has prompted an unprecedented wave of interest and experimentation in AI and machine learning solutions. Far from simply using popular LLMs for sporadic background research and writing assistance, LLMs have now matured to the degree where particular solutions are being used within specific workflows to solve genuine business problems.

Industries such as retail, education, technology, and manufacturing are using LLMs to create innovative business solutions, delivering the required tools to automate complex processes, enhance customer experiences, and obtain actionable insights from large datasets.

Continue reading →

A new study reveals that 95 percent of respondents have experienced security problems in production APIs, with 23 percent suffering breaches as a result of API security inadequacies.

API security incidents have more than doubled within the past 12 months, with 37 percent of respondents experiencing an incident, compared to just 17 percent in 2023.

Continue reading →

Aging, monolithic systems, and a lack of technological understanding at the executive level are limiting organizational agility and responsiveness to disruptions according to a new report.

The IDC InfoBrief, sponsored by IFS and Boomi polled over 1,000 C-level respondents across 12 countries and finds that legacy technology platforms and unfamiliarity with the essential role APIs and composability play in unlocking business data are combining to hamper insights and transformation.

Continue reading →

The proliferation of APIs in the financial services industry has created a vast and complex attack surface that traditional security measures cannot adequately protect.

API security specialist Traceable AI surveyed over 150 cybersecurity professionals in the US, uncovering critical vulnerabilities, concerns, and current API security practices in the financial sector.

Continue reading →

With the move to hybrid working, the rapid adoption of cloud, increased use of mobile and IoT devices, combined with the ongoing drive to modernize and transform IT operations, the attack surface of every organization has -- and continues to -- expand.  

Traditional boundaries have been blurred between businesses, suppliers, partners, customers, workers, and even home-life, with this ecosystem continuing to grow. Here, APIs are providing the connective tissue for modern applications and legacy infrastructure to co-exist.  

Continue reading →

With the arrival of Large Language Models (LLMs) such as ChatGPT, BERT, Llama, and Granite, the operational dynamics within the enterprise sector have significantly changed. LLMs introduce unique efficiencies, paving the way for innovative business solutions. LLMs currently stand at the forefront of technological advancement, offering enterprises the tools to automate complex processes, enhance customer experiences, and obtain actionable insights from large datasets.

The integration of these models into business operations marks a new chapter in digital transformation and therefore requires a closer look at their development and deployment.

The lifecycle of LLMs and the role of APIs

Continue reading →

As enterprises increasingly integrate generative AI into critical applications they, often unwittingly, expose those applications to attacks that exploit the unique characteristics of AI, such as prompt injection, insecure outputs, and sensitive data disclosure.

API security company Traceable AI is announcing an early access program for its new Generative AI API Security capability, aimed at specifically targeting the security risks of integrating Gen AI into applications.

Continue reading →