It seems everyone's got an API-connected LLM nowadays, but not everyone is aware of the inherent security risks.
KONG's Security Perspectives 2025: AI-Enhanced Threats and API Security Report, released this week, highlights today’s API security landscape and how new developments in AI will impact it. Most notably, 25% of survey respondents have encountered AI-enhanced security threats related to APIs or LLMs, with 75% of respondents expressing serious concern about AI-enhanced attacks in the future, according to the report.
And while 85% say they’re confident in their organization’s security capabilities, 55% of respondents said they experienced an API security incident in the past year.
This disconnect is costly. One in five respondents said their organization experienced an API security incident that cost more than $500,000 in the past 12 months.
While 92% of respondents say they are taking measures to counter AI-enhanced attacks and 88% of respondents citing API security as a top priority, it is clear that many organizations lack the comprehensive security measures needed to protect their API infrastructure in the AI era.
Today's MSSP Update
1. Stamus's new NDR: Stamus Networks introduced the successor to its flagship Stamus Security Platform and SELKS open-source offerings: Clear NDR. This network threat detection and response (NDR) solution can be deployed as a standalone NDR solution or integrated into an organization’s AI-driven security operations center (SOC).
2. CyTwist's detection engine for AI malware: CyTwist’s solution profiles threat actors using advanced counterintelligence methodologies and hyper-targeted probability algorithms, resulting in detection of a suspected attack within minutes, the company claims. The firm's malware detection engine is specifically designed to recognize new types of malware and enhance traditional EDR and XDR systems. By focusing on identifying unknown threats through attacker behavior profiles, it detects AI-generated malware by looking for unusual code structures and non-standard progression, among other signs.
3. Cato's IoT/OT SASE solution: Cato Networks has launched a SASE-native IoT/OT security solution, Cato IoT/OT Security. The solution is aimed at securing Internet of Things (IoT) and operational technology (OT) devices in enterprise environments. The new solution is currently generally available and seamlessly integrates with the Cato SASE Cloud Platform.
4. Auguria expands platform, partnerships: AI-powered SecOps and threat intelligence provider Auguria, which came out of stealth earlier this year, announced enhancements to the Auguria Security Knowledge Layer (SKL) Platform and several new integrations with some of the largest cybersecurity data sources, including SentinelOne, Palo Alto Networks, Microsoft and CrowdStrike. These new integrations enable SecOps teams to consolidate, prioritize, and analyze data from multiple sources within Auguria’s platform.
5. SecurityScorecard goes to Hollywood for new advisor: SecurityScorecard this week appointed Sandy Climan, CEO of Entertainment Media Ventures, to its Advisory Board. Climan is a prominent figure in Hollywood, with executive leadership roles at Universal Studios, MGM, and Creative Artists Agency. Climan joins the advisory board as SecurityScorecard is evolving from security ratings to Supply Chain Detection and Response (SCDR). This strategic shift is in response to the growing demands of cybersecurity professionals and addresses the increasing threats posed by third-party suppliers, vendors, and ecosystem business partners.
Drop me a line at [email protected] if you have news to share or want to say hi!
