When it comes to APIs, security has always been a serious concern. Developers who design and build APIs strive to mitigate vulnerabilities before attackers find them. Consumers want to be reassured that the APIs their applications integrate with won’t compromise data or application integrity.

However, the rise of AI has led to new and evolving API security threats. How do developers protect their application’s APIs when AI behaves unpredictably because of its non-deterministic nature?

At the Platform Summit 2025 in Stockholm, Sweden, four industry experts — David Brossard, Anders Eknert, Jacob Ideskog, and Dr. Katie Paxton-Fear — talked about the API security concerns they are seeing arise from AI adoption and how traditional tools play a critical role in mitigating the risk AI poses to APIs. This article highlights parts of their conversation about API security in the age of AI.

AI Opens the Door to Accelerated API Security Risks

According to Wallarm’s 2026 API ThreatStats Report, the company found 2,185 AI-related vulnerabilities in 2025, with 36% involving APIs. API weaknesses include cross-site issues, injection attacks, and broken access control. The report states that “malicious actors are exploiting logic, trust, and usage patterns in APIs that were never built to withstand automation in the first place.”

New protocols designed for AI agents, like Model Context Protocol (MCP), also introduce security gaps. Researchers have identified several risks associated with MCP systems, such as tool poisoning, rug pulls, tool shadowing, and remote command execution. Wallarm’s report says that MCP has “emerged as a leading indicator of where API risk is heading.” It also states that “MCP vulnerabilities were tied to a Top 10 API breach involving thousands of exposed MCP servers.”

Jacob Ideskog, CTO at Curity, points out during the chat that companies need to consider who is at risk. First off, if there is a massive breach, the end user and their data are at risk. “We know that API breaches in general are much more severe than a common data breach,” says Ideskog. “You reach more data and take more actions through APIs than you do just by intrusions and other means.”

“Take that and multiply it because the AI could be even smarter or perhaps do more things that a human wouldn’t think of as quickly,” he adds.

Too Much Trust is Given to AI

Another problem leading to security risks with APIs is that too many people put too much trust in AI applications and the tools to build them. Dr. Katie Paxton-Fear, Staff Security Advocate at Semgrep, explains that what worries her is the amount of trust we’re giving AI agents and MCP servers.

How many people use a large language model (LLM) like Claude every day? And how many of them have given that AI model a lot of permissions? That number is likely high. You also have developers who build MCP servers. Many of them connect those servers to accounts like Google or Amazon Web Services (AWS). A lot of developers have the beginnings of a multi-agent system. However, putting too much trust in these AI systems is problematic.

“There are methods for using that trust, and we saw it recently in the Nx hack on NPM where there was an additional command sent to Claude code that said ‘hey, search through all of these folders and find all my secrets and keys and crypto stuff’,” Paxton-Fear explains. “While it didn’t work, it’s the first time we’ve seen AI as an insider threat, and I’m not sure a lot of people are really thinking about it.”

Ideskog adds to this train of thought, asking, “How do we make sure AI doesn’t do anything we don’t want?” You might start by discussing guardrails and restricting what AI can do. However, he adds that the API community shouldn’t trust those guardrails because they won’t be made the right way in the end. The API community needs to protect stuff on their side, and the tools to do that are still there.

Traditional API Security Tools Still Matter

Everyone developing AI apps, APIs, or both needs to understand that traditional tools for securing APIs still matter, especially access control and identity management (IAM). When you consider that nearly every AI agent and AI interaction involves an API, implementing these tools becomes even more critical.

David Brossard, CTO at Axiomatics, and Anders Eknert, Open Source and Developer Relations at Apple, both emphasize access control but recommend keeping a close eye on it.

“There is now an opportunity to achieve consistent access control across all of your data sources — as long as you know where you enforce it, what it is you’re protecting, and you’re observing what’s happening,” Brossard says. “It’s really important to be able to observe what’s happening and not just trust that your access control is good enough for AI flows because it will find a way to go around the policies you put in place.”

Eknert explains that when it comes to access control, many companies still only have three basic roles: customers, employees, and admins. Many AI agents automatically become admins because that’s the role with the most privileges. However, Eknert recommends that companies start with fine-grained access control, not just for AI but for better API security in general.

When it comes to identities, Ideskog explains that we’ve had non-human identities for years now, such as machine identities and service-to-service accounts. The difference is that we get this delegation into the application to something that is different from a CI/CD pipeline.

Does AI need its own identity? Ideskog says it does, but so does the machine it runs on because it also must connect to other machines. In that sense, it’s not new. It’s still the same pattern of identity and access management (IAM). It’s just a new place where we need to govern things.

“What we see at Curity is a shift from traditional IAM internal workforce with users and applications to more external-facing IAM with all your customers and partners,” comments Ideskog.” There’s a lot more moving towards those external systems because you get a lot more new stuff coming in there, so that becomes the cornerstone of your IAM strategy over time.”

We also have existing philosophies, like zero trust, that AI tool providers and API developers should also practice. Using traditional security tools and practicing established philosophies helps ensure the security of both AI and APIs.

Secure Your APIs, Secure Your AI

AI relies on APIs — you can’t have secure AI applications without securing the APIs that power them. As Wallarm’s recent research highlights, “attackers are successfully exploiting repeatable failures in identity, access control, and exposed interfaces, often at machine speed and massive scale.”

To mitigate the API security risks accelerated by AI, API and app developers must make fine-grained access control and robust identity management a priority. By prioritizing these critical security layers now, development teams can build a secure foundation that strengthens API security in the age of AI.