Only 23% of organizations rated the tools they use to detect and prevent API attacks as very effective.

51% of developers worry about unauthorized or excessive API calls from AI agents, making it their number one security concern.

3% of organizations rated the tools they use to detect and prevent API attacks as not effective at all.

6% of organizations do not know how effective their existing security tools are in preventing API attacks.

2% of organizations use other methods to assess the effectiveness of their API security measures.

13% of organizations reported using GenAI for all API development.

75% of developers, architects, and executives use CI/CD pipelines.

5% of organizations reported that GenAI is not a concern at all for API security.

46% of developers, architects, and executives use cloud deployment.

49% of organizations are using GenAI for some API development.

23% of organizations plan to adopt GenAI within the next 6–12 months for API development.

45% of respondents cited the potential for new API vulnerabilities tied to AI-generated code.

47% of respondents cited difficulty understanding and securing AI-generated code.

56% of respondents cited a lack of control over AI model security used for code generation.

2% of respondents expressed other security concerns about using Generative AI to develop APIs.

35% of respondents cited difficulty ensuring quality and reliability of AI-generated code.

15% of organizations are very confident in detecting and responding to attacks leveraging Generative AI.

55% of organizations were somewhat confident in their ability to detect and respond to attacks leveraging Generative AI.

5% of organizations did not know about their ability to detect and respond to attacks leveraging Generative AI.

60% of developers, architects, and executives version their APIs.