The IT Nerd

Wallarm today announced its role in the publication of “A2AS: Agentic AI Runtime Security and Self-Defense,” a groundbreaking research project led by Eugene Neelou (OWASP, Wallarm) together with researchers from AWS, Bytedance, Cisco, Elastic, Google, JPMorganChase, Meta, and Salesforce.

The A2AS framework introduces a new security layer for AI agents, LLM-powered applications, and AI protocols, similar to how HTTPS secures HTTP.

The A2AS framework is built on three breakthrough capabilities that fundamentally address agentic AI security risks such as prompt injection, tool misuse, and agent compromise:

• Behavior Certificates: The industry’s first mechanism for declaring and enforcing AI agent actions and permissions. Like HTTPS certificates secured the web, behavior certificates can secure agentic AI interactions with users, tools, and other agents.
• Model Self-Defense Reasoning:  Embeds security awareness directly into the AI model’s context window, guiding it to recognize and reject malicious or untrusted instructions in real time without any external components or guardrails.
• Prompt-Level Security Controls: Provides authenticated prompts, security boundaries, and policy-as-code so that every request and interaction is verified, sandboxed, and aligned with enterprise security policies.

As enterprises rapidly deploy agentic AI into workflows across finance, healthcare, and infrastructure, the security risks scale from individual task failures to enterprise-wide compromise. Traditional guardrails and post-processing methods have proven to be too slow, too complex, and too costly. A2AS offers a practical, lightweight, and scalable approach that protects AI agents at runtime without adding latency or operational complexity.

Eugene Neelou, an industry pioneer and Head of AI Security at Wallarm, serves as the lead for the A2AS project. Neelou previously coined the term MLSecOps, co-founded the world’s first AI red teaming startup, and co-authored the OWASP Top 10 for LLM Security. He is joined by Ivan Novikov, Founder and CEO of Wallarm, who contributed his expertise in API and AI security.

The A2AS paper is the first in a series of publications aimed at establishing A2AS as the industry standard for AI runtime security. Researchers, engineers, and enterprises interested in design partnerships or early adoption are invited to read the paper, learn more, and get involved at https://a2as.org. Contact the project team to explore collaboration opportunities and shape the future of secure AI.

Wallarm announced the introduction of the industry’s first-ever API Revenue Protection capability, setting a new standard for aligning API security with business impact. Delivered as a set of integrated features in the Wallarm platform, this new capability empowers CISOs to become strategic business partners by quantifying how attacks impact revenue, disrupting attacker economics, and demonstrating financial ROI. 

From AI-generated abuse to account takeovers and business logic exploits, API threats are evolving faster than signatures can keep up. At the same time, organizations rely on digital revenues enabled through APIs, such as payment processing and partner integrations. Downtime or compromise of these API endpoints can result in immediate, costly consequences. 

Powered by agentic AI and transaction-aware telemetry to track revenue flows and shut down fraud in-session before attackers win, Wallarm’s new capability ensures continuous availability through protection of revenue-generating APIs, shielding them from the most sophisticated threats while providing visibility into the actual dollars at risk and protected.

Key features and benefits include:

• Automated Identification of Revenue-Critical APIs: Automatically detects which APIs contribute to revenue based on traffic patterns, monetization logic, and integration context. 
• Transaction-Aware Revenue Attribution: Extracts revenue amounts directly from API transactions, such as order values, subscription events, or payment confirmations, to provide real-time financial insight using the actual revenue flowing through APIs.
• Advanced Threat Protection for High-Value Endpoints: Delivers effective, real-time mitigation of attacks, protecting revenue-generating APIs from OWASP Business Logic Abuse Top 10, account takeover (ATO) attacks, data scraping and credential stuffing, agentic AI-driven attacks, and business logic anomalies that can lead to fraud or service abuse.
• Business Context-Aware Detection and Response: Adapts in real time to evolving threat patterns while maintaining API availability and user experience by analyzing the full business logic and transaction flows behind each API.
• Purpose-Built Revenue Protection Dashboard: Quantifies protected revenue, highlights attack trends targeting monetized APIs, and helps security leaders communicate their value to executive stakeholders.

Security teams can now quantify how much revenue has been protected and shift the conversation from reactive risk mitigation to proactive value creation. For digital-first enterprises, they can now measure a new security metric: Revenue Secured Per Dollar Spent.

Wallarm’s Revenue Protection for APIs will be demonstrated at Black Hat USA 2025 in Las Vegas, is available for Early Access, and will be generally available in the second half of 2025.

For more information, visit https://www.wallarm.com/product/api-security-overview.

Wallarm today announced the findings of The Rise of Agentic AI, the API ThreatStats report for Q1 2025. The report found that evolving API threats are fueled by the rise of agentic AI systems, growing complexity in cloud-native infrastructure, and a surge in software supply chain risks, and uncovered patterns and actionable insights to help organizations prioritize risks and harden their defenses.

While APIs are central to all Agentic workflows, cybersecurity standards such as CVE and CISA KEV are trailing indicators of API and overall security risks presented by Agentic AI. In order to gain insights into current and future trends, Wallarm researchers took a deep dive into GitHub security issues for Agentic repositories. Of the approximate 4,700 security issues analyzed in Agentic AI projects, they found that half were API-related (49%), underscoring the inseparability of agent and API security.

The report also analyzed API breaches that occurred in Q1 2025. No industry was immune, as highlighted by breaches impacting organizations such as Oracle Cloud, DeepSeek, CommonCrawl, Volkswagen, National Health Service (NHS) UK, Microsoft, BeyondTrust, and OmniGPT.

Key findings include:

• Nearly half of all security issues in Agentic AI repositories (49%) are API-related and over 1,000 issues remain unaddressed.
• 22% of reported security issues remain open, with some lingering for 1,200-plus days, highlighting a critical gap between vulnerability discovery and remediation.
• The top five API breaches span cloud, AI, automotive, and healthcare, underscoring industry-wide concerns and urgent relevance to cybersecurity worldwide.
• With 60% of top vulnerabilities found to be access control-related, access control remains prevalent across APIs.

APIs are not just part of the attack surface — they are the attack surface. From legacy system exposures to AI-native risks, attackers are increasingly targeting APIs as both the entry point and objective. In order to protect themselves from these threats, organizations need to take proactive measures to ensure existing threat models account for the current environment and prioritize API security by updating API threat models and security workflows, creating Agentic AI security strategies, implementing real-time monitoring of API traffic, and updating both threat intelligence and API discovery methodology.

To download the full Q1 2025 API Threat Report, visit http://www.wallarm.com/press-releases/wallarm-unveils-findings-from-q1-2025-api-threat-report-uncovering-evolving-api-threats-across-multiple-industries

Wallarm, the leader in API and AI security solutions, is pleased to announce a groundbreaking offer for the enterprise security community: penetration testing for Agentic AI systems. This industry-first offer is designed to help organizations assess and secure their AI-driven systems from emerging threats.

As enterprises increasingly turn to Agentic AI — advanced AI systems capable of autonomous decision-making, continuous learning, and sophisticated action-taking — concerns about security vulnerabilities in these complex systems are mounting. In fact, Wallarm’s recent API ThreatStats report demonstrated that 57% of AI powered APIs are available externally, and 89% relied on insecure authentication methods, such as static keys. Wallarm’s penetration testing service focuses on key attack vectors like jailbreaking, injections, and other security threats that can compromise the integrity and performance of Agentic AI.

The service, powered by Wallarm’s advanced cybersecurity analysts, provides businesses with a detailed report highlighting vulnerabilities and offering insights into how to safeguard these cutting-edge technologies. By leveraging Wallarm’s expertise in API security, companies can ensure that their Agentic AI systems remain secure in an increasingly connected world.

With AI agents becoming a cornerstone of enterprise operations, Wallarm’s service is a timely initiative to help organizations understand and mitigate the unique security challenges of this new frontier in AI technology.

How to Learn More

Interested parties can request a free Agentic AI penetration test by following the link below and submitting a request. Wallarm’s security experts will then conduct a thorough analysis of the AI system’s vulnerabilities and provide a detailed report with actionable recommendations. For more information, please visit https://www.wallarm.com/solutions/protect-agentic-ai.

Hot off the heels of this report about a jailbreak related to DeepSeek, Wallarm published a new analysis revealing that its security researchers have discovered a novel jailbreak technique for DeepSeek V3. This technique allows researchers to ask questions and receive responses about DeepSeek’s root instructions, training, and structure. 

Other jailbreaks have focused on getting the LLM to discuss restricted topics or build something prohibited, like malicious software. Wallarm’s jailbreak focused on getting DeepSeek to share restricted data about itself, how it was trained, policies applied to its behavior, and other facts about the model. 

Wallarm contacted DeepSeek about this vulnerability, and they addressed it as quickly as an hour ago. DeepSeek V3 is no longer susceptible to this specific jailbreak technique. Wallarm also found evidence that DeepSeek is based on OpenAI, stating this has been demonstrated sufficiently elsewhere.

You can find the blog post now live at: https://lab.wallarm.com/jailbreaking-generative-ai/. 

Wallarm, a global leader in API security, today released its 2025 API ThreatStats Report, revealing that APIs have emerged as the predominant attack surface over the past year, with AI being the biggest driver of API security risks. Wallarm’s annual report bridges a critical gap between technical and strategic aspects of API security by sharing actionable insights tailored to the distinct responsibilities of CISOs and CIOs.

Wallarm’s researchers tracked 439 AI-related CVEs, a staggering 1,025% increase from the prior year. Nearly all (99%) were directly tied to APIs, including injection flaws, misconfigurations, and new memory corruption vulnerabilities stemming from AI’s reliance on high-performance binary APIs. With the exponential rise in AI adoption and exploits, Wallarm introduced a new ThreatStats Top 10 category, Memory Corruption and Overflow. This new category addresses vulnerabilities that arise from improper memory handling and access, resulting in security breaches such as unauthorized data access, crashes, and arbitrary code execution, and was driven by Wallarm’s analysis of how AI workloads interact with hardware, exposing APIs to issues like buffer overflows and integer overflows.

Additionally, more than 50% of all recorded CISA exploited vulnerabilities were API-related for the first time, a 30% increase from the year before, and this highlights the growing prevalence and criticality of API security in modern threat environments. API vulnerabilities surpass traditional exploit categories like kernel, browser, and supply chain vulnerabilities, underscoring their central role in cyberattacks.

Key insights and observations include:

• AI as a catalyst for new vulnerabilities: In Wallarm’s survey of 200 US-based enterprise leaders on AI and API security, over 53% reported engaging in multiple AI deployments. These deployments are primarily enabled by API technology, cementing APIs as the foundation of enterprise AI adoption. However, while AI integration drives rapid API adoption across industries, it also introduces unique risks. For instance, Wallarm’s threat intelligence flagged significant vulnerabilities in AI tools like PaddlePaddle and MLflow, which underpin enterprise AI deployments. These tools were exploited at API endpoints, compromising training data, siphoning intellectual property, or injecting malicious payloads into machine learning pipelines. Additionally, APIs facilitating real-time data exchanges between AI models and applications often lack adequate security measures, making them susceptible to injection, abuse, and memory-related exploits.
• Legacy and modern APIs both under attack: While legacy APIs such as those used in Digi Yatra and Optus incidents remain vulnerable due to outdated designs, modern RESTful APIs are equally at risk due to complex integration challenges and improper configurations. APIs now represent the largest category of exploited vulnerabilities in CISA KEV, with modern APIs representing over 33%. Exploits include improper authentication, injection attacks, and API endpoint misconfigurations, targeting enterprise-grade platforms with prominent attacks, including Invanti and Palo Alto Networks. Legacy APIs in web applications represent over 18% of exploited vulnerabilities. These vulnerabilities arise in older APIs typically used within web applications for AJAX backends, URL parameters, or direct calls to .php files. Often integrated into devices like cameras or IoT systems, these APIs lack the robust security measures of their modern counterparts, with key exploit types including URL-based injection, CSRF attacks, and outdated session handling mechanisms.
• Growing exploitation of authentication and access control: The Twilio and Tech in Asia breaches demonstrated how attackers exploit weak authentication and access control mechanisms to gain unauthorized access. These issues are exacerbated by the decentralized nature of API management in large organizations, as API-related breaches escalate in frequency and severity. For instance, in last year’s Wallarm Annual Report based on 2023 data, API-related breaches were significant but sparse, with only a few incidents reported each quarter. In 2024, this picture changed dramatically, with an average of three monthly incidents—and, at times, as many as five to seven breaches each month. The rise of API-driven systems in sectors like healthcare, transportation, technology, and financial services has led to a surge in vulnerabilities, placing APIs squarely at the center of the cybersecurity landscape.

Underscoring the report’s central findings is that AI security is API security. As APIs drive innovation, particularly in AI-enabled systems, organizations need real-time API controls to protect their business operations, customer trust, and long-term success. Looking ahead to 2025, organizations must prioritize API security to safeguard their systems and unlock the full potential of APIs as the key driver of business transformation.

To download the report, visit https://www.wallarm.com/resources/2025-api-threatstats-tm-report.

Wallarm has unveiled a report where hackers are exploiting DocuSign APIs to send authentically appearing invoices in a new breed of cyber threat. Exploiting trusted platforms like DocuSign through their APIs marks a concerning evolution in cybercriminal strategies. By embedding fraudulent activities within legitimate services, attackers increase their chances of success while making detection more challenging. 

While beneficial for businesses, DocuSign’s API-friendly environment inadvertently provides a fertile ground for malicious actors to exploit. With paid accounts and access to official templates, attackers can customize invoices to match the branding of target companies, including unauthorized use of trademarks like Norton’s.

You can read the report here.

Wallarm, a global leader in API security, today unveiled its API ThreatStats Report for Q3 2024, revealing critical insights into the increasing number of API vulnerabilities and breaches impacting industries worldwide. The report confirms the trend of increasing numbers of API vulnerabilities across sectors and an escalating threat landscape specifically targeting APIs due to their accessibility and valuable data.

Wallarm’s researchers uncovered a 21% increase in API vulnerabilities from the second quarter of 2024. Additionally, the vulnerabilities had an average Common Vulnerability Scoring System (CVSS) score of 7, with many scoring at 7.5, indicating high severity and reflecting how easily threat actors can exploit API issues. The substantial growth in discovered vulnerabilities highlights the expanding threat landscape, where APIs remain a primary target for cyberattacks across multiple sectors.

Key insights on API Q3 data breaches include:

• Client-Side API Vulnerabilities Expose Hidden Risks Not Covered by the OWASP API Top-10: Many breaches this quarter, like those at Hotjar, Business Insider, and Explore Talent, originated from client-side API flaws, such as OAuth misconfigurations and Cross-Site Scripting (XSS), which the OWASP API Top-10 does not adequately address. Developers often mistakenly consider OAuth a security improvement, but it becomes a critical weakness when misconfigured, enabling account takeovers and large-scale data exposure. These incidents reveal that client-side API security needs more attention and a dedicated approach to prevent such breaches.
• API Misconfigurations Amplify Breach Scale: Poorly secured APIs, especially those with weak authentication and authorization controls, lead to large-scale breaches because attackers can access and download entire datasets, not just isolated portions. This finding was evident in incidents at Deutsche Telekom and Fractal ID, where unauthenticated API access allowed attackers to exploit massive amounts of personal data, tariff information, and user tracking. Unlike traditional malware attacks that may target random subsets of data, API breaches often result in complete data extraction, making the impact far more severe.
• APIs Are a Common Weak Link Across Diverse Industries: This summer’s breaches affected a wide range of sectors, from telecommunications (Deutsche Telekom) and transportation (Metro Pacific Tollways Corporation) to blockchain and Web3 platforms (Fractal ID). These incidents prove that no industry is immune, and API vulnerabilities are a universal challenge across traditional and cutting-edge tech landscapes. Securing APIs requires consistent, industry-wide efforts to address evolving attack vectors.

As detailed in the report, another key discovery this quarter is the integral role of API security in AI systems. There is no AI without APIs—they are essential in connecting models, data, and infrastructure. API vulnerabilities directly impact AI functionalities, and AI features can introduce unique vulnerabilities into APIs. Addressing AI exploits and API vulnerabilities is crucial for comprehensive security, as they are deeply interconnected.

The increase in API vulnerabilities emphasizes the urgency for businesses to stay vigilant and invest in comprehensive API security measures. Wallarm is the only solution that unifies best-in-class API protection and real-time blocking capabilities to protect the entire API and web application portfolio in multi-cloud,  cloud-native, and on-premise environments and empowers organizations to defend against these growing threats.

To download the full API ThreatStats Q3 2024 Report, visit http://www.wallarm.com/resources/q324-api-threatstats-report.

Wallarm, a leader in API security solutions, announced today Security Edge, a breakthrough SaaS solution that delivers security at the API edge. As the industry’s first offering to modernize API Security deployments, Wallarm is taking on legacy Content Delivery Networks (CDNs) that claim most of the traffic is API traffic but are unable to provide real-time API threat protection.

Wallarm’s new solution represents a major shift in how organizations secure and gain visibility into their APIs. It eliminates the need for inefficient and cumbersome distributed traffic redirection, giving organizations immediate and local API protection. Unlike traditional methods that route API traffic through distant cloud servers or rely on CDNs, Security Edge enables organizations to secure API traffic at the API’s edge, where it’s most effective and performant.

Security Edge works by distributing Wallarm filtering nodes positioned as close to the customers’ APIs as possible, using existing cloud providers and infrastructure. While a self-managed deployment can be fully integrated into a customer’s API infrastructure, Security Edge removes the management burden while providing low latency.

Security Edge’s key features and benefits include:

• Hosted, Managed, Simplified: Wallarm handles infrastructure, deployment, and monitoring and ensures that nodes are up-to-date and functional, removing maintenance requirements.
• Low Latency, Lower Cost: Security Edge nodes can be geographically distributed at the API edge to deliver security capabilities with minimal latency. 
• Operational Visibility: Customers can access logs, events, and real-time traffic statistics. 

With Security Edge, Wallarm is opening a new market segment for API security, currently occupied by traditional CDN vendors with infrastructure built for caching traditional web content. Security Edge enables customers to achieve greater protection at a fraction of the cost using a purpose-built API edge solution. 

For more information, visit http://www.wallarm.com/resources/security-edge.