New Insights into API Security from Wallarm's Recent Report

Wallarm's Q1 2025 API Threat Report Highlights Rising Threats
The majority of security issues in Agentic AI code repositories (65%) are API-related.
Wallarm, a leader in API and AI security solutions, has recently unveiled findings from The Rise of Agentic AI, the API ThreatStats report for Q1 2025. This comprehensive study underscores the escalating API threats driven by emerging agentic AI systems, increased complexity in cloud-native infrastructures, and growing software supply chain risks. The insights provided aim to assist organizations in prioritizing vulnerabilities and reinforcing their defenses against these evolving threats.
According to Ivan Novikov, CEO and Co-Founder of Wallarm, "In the first quarter of 2025, the prevalence of API threats has continued to rise across diverse industries from healthcare to AI and beyond. Our findings indicate that the security risks associated with AI agents predominantly stem from APIs. Agentic AI presents vulnerabilities akin to traditional code, yet they illustrate a significant proportion of API-related security issues. Addressing the security of agentic AI cannot be achieved without a focused approach to APIs."
The report reveals that APIs are integral to all Agentic workflows. However, cybersecurity standards, such as CVE and CISA KEV, have not kept pace with the evolving security risks attributed to Agentic AI. To better understand current trends, Wallarm's researchers examined GitHub security issues in Agentic repositories dating back to 2019. Of the 2,869 security issues analyzed in Agentic AI projects, 65% were API-related, highlighting the critical link between agent and API security.
Moreover, the report addressed API breaches that transpired in early 2025, affecting various notable organizations including Oracle Cloud, DeepSeek, CommonCrawl, Volkswagen, NHS UK, Microsoft, BeyondTrust, and OmniGPT. No industry was spared from these breaches, emphasizing the widespread vulnerability landscape.
Key Findings from the Q1 2025 Report
The report outlines several critical findings:
API Vulnerabilities
The majority of security issues (65%) in Agentic AI repositories are API-related, with over 700 issues still unaddressed. Moreover, 25% of reported security vulnerabilities remain open, some unresolved for over 1,200 days, revealing a significant gap between identifying vulnerabilities and remediation efforts.
Industry-Wide Impact
The top five API breaches span various sectors including cloud computing, AI, automotive, and healthcare, underscoring the urgent need for enhanced cybersecurity measures across industries.
Access Control Issues
Access control weaknesses continue to prevail within APIs: 60% of the top vulnerabilities are linked to access control.
Protecting Against API Threats
APIs are not merely components of the attack surface; they represent the attack surface itself. As attackers focus on APIs as both the entry point and target, it becomes crucial for organizations to adopt proactive measures. Enhancing threat models to address contemporary environmental challenges, prioritizing API security updates, formulating effective Agentic AI security strategies, and implementing real-time API traffic monitoring are essential steps to mitigate these threats.
To access the full Q1 2025 API Threat Report, visit Wallarm's official site for more in-depth information and insights into rising threats.
About Wallarm
Wallarm is recognized as the only unified platform for API and agentic AI security, effectively utilized in enterprise production environments. The company enables organizations to secure their APIs and AI agents by providing a comprehensive inventory management system, real-time blocking capabilities, and patented AI/ML-based abuse detection. Based in San Francisco, California, Wallarm is financed by investors including Toba Capital, Y Combinator, Partech, and others.
Media Contact
Michelle Kearney
Hi-Touch PR
443-857-9468
Frequently Asked Questions
What is the focus of Wallarm's Q1 2025 API Threat Report?
The report focuses on the rising API threats associated with Agentic AI systems and provides insights to help organizations improve their security measures.
How significant are API-related vulnerabilities according to the report?
The report reveals that 65% of security issues in Agentic AI repositories are API-related, signifying a critical area of concern.
What organizations were highlighted in the report for API breaches?
The report discussed breaches affecting organizations such as Oracle Cloud, Volkswagen, and NHS UK, reflecting the widespread nature of the threats.
Why is access control important in API security?
Access control vulnerabilities are identified as a primary concern, with 60% of top vulnerabilities related to this issue, making it essential for organizations to prioritize their security strategies.
What proactive measures can organizations take against API threats?
Organizations can enhance threat models, prioritize API security, create effective strategies, and implement real-time monitoring to safeguard against vulnerabilities.
About The Author
Contact Evelyn Baker privately here. Or send an email with ATTN: Evelyn Baker as the subject to contact@investorshangout.com.