Zachary Rager
Even though cybersecurity is crucial to the many missions of federal agencies, it is easy to overlook the growth of the threat surface due to the increasing use of application programming interfaces (APIs), often driven by the use of generative AI.
APIs serve as the communications hub between different applications, connecting agencies’ services to the applications that deliver those services. A recent study reported that 99% of AI vulnerabilities in the Cybersecurity and Infrastructure Security Agency (CISA) Key Exploited Vulnerabilities catalog in 2024 were API-related – and over 50% of all the listed vulnerabilities identified were API-related. Another report found that 84% of security professionals experienced an API-related security incident over the past year.