We recently released The Rise of Agentic AI,**** our API ThreatStats report for Q1 2025, finding that evolving API threats are fueled by the rise of agentic AI systems, growing complexity in cloud-native infrastructure, and a surge in software supply chain risks, and uncovered patterns and actionable insights to help organizations prioritize risks and harden their defenses. Keep reading to find out more. Agentic AI: Same Old Security Challenges, Amplified Risks Agentic AI is the technology of the moment. It is the newest and most exciting AI frontier, able not just to answer queries but to actually act autonomously on behalf of human users. But, contrary to what one might expect, it shares the same security risks as many other types of code. It’s important to understand that APIs are fundamental to Agentic AI workflows. 65% of the 2869 Agentic AI security issues we found during our GitHub analysis were API-related. This means that agent security and API security are inseparable. We see further evidence of this when categorizing agentic security issues by Common Weakness Enumeration (CWE). While use of Unmaintained 3rd Party Components (CWE-937) came out on top, mirroring security issues in software more broadly, second and third place drive home the intrinsic link between agentic and API security – Improper Input Validation (CWE-20) and Uncontrolled Resource Consumption (CWE-400) are both prevalent API security risks. The takeaway here is that although the security…Read More
The API Imperative: Securing Agentic AI and Beyond
