More than 80% of developers and business leaders say AI investments have already created the opportunity for new products or services, according to Kong’s 2024 API Impact Report. Clearly, AI has proven its value and place in the enterprise, but with new innovations come new potential vulnerabilities.
But as organizations push forward into and navigate the rising risk of AI-enhanced threats and the adoption of AI tools and large language models (LLMs), what have tech leaders experienced? And what are they most concerned about in the year ahead?
In API Security Perspectives 2025: AI-Enhanced Threats and API Security, we surveyed 700 IT leaders about API security and the rising risk of AI-enhanced threats — and how prepared they may or may not be.
Nearly 75% of respondents express serious concern about AI-enhanced attacks, but a notable disconnect emerged. While 55% of organizations experienced an API security incident in the past year (and one-third call the incident "severe"), 85% say they’re confident in their organization’s security capabilities. This confidence may be misplaced, given that 77% acknowledge the potential for significant security risks from AI and LLM integration into their API ecosystem.
These API security incidents also can come with substantial costs: 47% of those who experienced an incident in the past 12 months reported remediation costs of more than $100,000 — and 20% said costs exceeded $500,000.
The gap between perception and reality requires attention, particularly as API attacks are projected to grow by 548% by 2030. Moreover, API breaches lead to more leaked data than the average security breach, Gartner reports.
Other key findings include:
The convergence of AI and APIs presents both unprecedented opportunities and risks. While organizations recognize the changing threat landscape, many lack the comprehensive security measures needed to protect their API infrastructure in the AI age. The key will be to treat API infrastructure as mission critical.
What does the age of AI mean for API security? And are organizations ready for the rise of AI-enhanced threats? Read API Security Perspectives 2025: AI-Enhanced Threats and API Security to learn more
It’s no secret that artificial intelligence (AI) is revolutionizing the way companies operate with its ability to sift through mountains of data and make accurate predictions at record speed. But with great power comes great responsibility. As AI sy
Introduction to OWASP Top 10 for LLM Applications 2025 The OWASP Top 10 for LLM Applications 2025 represents a significant evolution in AI security guidance, reflecting the rapid maturation of enterprise AI deployments over the past year. The key up
As businesses increasingly harness the power of artificial intelligence (AI) and large language models (LLMs), a new challenge emerges: managing the deluge of AI requests flooding systems. This exponential growth in AI traffic creates what could be
The world of artificial intelligence is undergoing a seismic shift, with the emergence of agentic AI redefining the landscape of API development and management. As businesses and developers navigate the complexities of digital transformation, unde
The exploding role of LLMs The adoption of LLMs is accelerating faster than most technological trends we’ve witnessed before. According to recent Gartner projections, by 2026, over 80% of enterprises will have used or experimented with LLMs , a dra
LLMs are powerful, but not inherently privacy-aware LLMs operate as highly capable, non-deterministic pattern matchers. But they come with two significant privacy challenges: They don’t automatically distinguish between sensitive and non-sensitive
For over a century, Goldman Sachs has been one of the most recognizable names in multinational investment banking and financial services. When they speak, the market listens. So what does Goldman Sachs have to say about APIs and AI when it comes to