{"id":1934,"date":"2025-04-28T03:33:14","date_gmt":"2025-04-28T03:33:14","guid":{"rendered":"http:\/\/localhost\/?p=1934"},"modified":"2025-04-28T03:33:14","modified_gmt":"2025-04-28T03:33:14","slug":"the-api-imperative-securing-agentic-ai-and-beyond","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=1934","title":{"rendered":"The API Imperative: Securing Agentic AI and Beyond"},"content":{"rendered":"
\n

Vulnerability Details<\/h2>\n
\n

Basic Information<\/h3>\n\n\n\n\n\n\n
Title<\/th>\nThe API Imperative: Securing Agentic AI and Beyond<\/td>\n<\/tr>\n
Type<\/th>\nwallarmlab<\/td>\n<\/tr>\n
Published<\/th>\n2025-04-28T06:33:14<\/td>\n<\/tr>\n
Last Seen<\/th>\n2025-04-28T07:52:44<\/td>\n<\/tr>\n
CVSS Score<\/th>\n9.8 (CRITICAL)<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVSS v3 Details<\/h3>\n\n\n\n\n\n\n\n\n\n
Attack Vector<\/th>\nNETWORK<\/td>\n<\/tr>\n
Attack Complexity<\/th>\nLOW<\/td>\n<\/tr>\n
Privileges Required<\/th>\nNONE<\/td>\n<\/tr>\n
User Interaction<\/th>\nNONE<\/td>\n<\/tr>\n
Scope<\/th>\nUNCHANGED<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\nHIGH<\/td>\n<\/tr>\n
Integrity Impact<\/th>\nHIGH<\/td>\n<\/tr>\n
Availability Impact<\/th>\nHIGH<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVE Information<\/h3>\n\n\n\n\n
CVE IDs<\/th>\nCVE-2021-35587<\/td>\n<\/tr>\n
CWE<\/th>\n<\/td>\n<\/tr>\n
Bulletin Family<\/th>\nblog<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

Description<\/h3>\n
\n We recently released The Rise of Agentic AI,**** our API ThreatStats report for Q1 2025, finding that evolving API threats are fueled by the rise of agentic AI systems, growing complexity in cloud-native infrastructure, and a surge in software supply chain risks, and uncovered patterns and actionable insights to help organizations prioritize risks and harden their defenses. Keep reading to find out more. <\/p>\n

# Agentic AI: Same Old Security Challenges, Amplified Risks<\/p>\n

Agentic AI is the technology of the moment. It is the newest and most exciting AI frontier, able not just to answer queries but to actually act autonomously on behalf of human users. But, contrary to what one might expect, it shares the same security risks as many other types of code.<\/p>\n

It\u2019s important to understand that APIs are fundamental to Agentic AI workflows. 65% of the 2869 Agentic AI security issues we found during our GitHub analysis were API-related. This means that agent security and API security are inseparable. <\/p>\n

We see further evidence of this when categorizing agentic security issues by Common Weakness Enumeration (CWE). While use of Unmaintained 3rd Party Components (CWE-937) came out on top, mirroring security issues in software more broadly, second and third place drive home the intrinsic link between agentic and API security \u2013 Improper Input Validation (CWE-20) and Uncontrolled Resource Consumption (CWE-400) are both prevalent API security risks. <\/p>\n

The takeaway here is that although the security issues are broadly the same, agentic AI does bring new, more significant risks. Because agents automate decision-making and can trigger high-privileged API calls at machine speed, every legacy flaw scales from a single incident to a self-driving breach. Agentic AI may invent a few new problems, but it certainly turbocharges old ones. <\/p>\n

![](https:\/\/i0.wp.com\/lab.wallarm.com\/wp-content\/uploads\/2025\/04\/AD_4nXd1p-GDJL8nK0RorreQdws6vxDm_0IPvdJrEBs54JdgaF7aVhE1td46bDy8UQ6-IZljPq2wjAZR13CcKUH6N-BfIZFM-OqcSuj7NDw5J3XOOULxWQ_3jLeeZVs3Kp0doYxAR49_3rjJduV_P3ZLJ6wkey-Bc4fenNuE6pbq-4eXXN4hYC.jpg?w=770&ssl=1)<\/p>\n

# Breach Reality Check: Misconfigurations Still Reign<\/p>\n

As part of our ThreatStats report series, we analyze all the API-related breaches that occurred within the given quarter, and this quarter was no different. Here\u2019s the top five from Q1 2025:<\/p>\n

* **Oracle Cloud (6M records):** Attackers claimed to exploit an unpatched CVE-2021-35587 vulnerability in legacy login infrastructure \u2013 further proof that old, unpatched CVEs still present a threat.
\n * **Deepseek Database Leak (1M+ records):** A publicly exposed database revealed API keys \u2013 a reminder that no authentication means no security, regardless of how novel the workload is.
\n * **Common Crawl Secrets Exposure (11,908 live secrets):** A dataset used to train LLMs was found to contain thousands of live API secrets, calling attention to data risks in the software supply chain.
\n * **Volkswagen JWT Weakness (800K records):** A weak JWT implementation opened a back door to user and vehicle data \u2013 a reminder that misconfigurations can cause havoc in even mature security environments.
\n * **NHS UK Unauthenticated Endpoint:** An unauthenticated API revealed reams of patient data \u2013 aging infrastructure and legacy APIs are still a recipe for disaster. <\/p>\n

The key takeaway? Breaches tied to misconfiguration, hardcoded secrets, and unauthenticated API access dominated this quarter – particularly in AI and healthcare sectors.<\/p>\n

![](https:\/\/i0.wp.com\/lab.wallarm.com\/wp-content\/uploads\/2025\/04\/AD_4nXf0Bz_Vr4aZv0AXKKtyNdZvFzsXWGA5z0vOD0mdzijI3hlDCKNPqb8wFwCpLVVUcgNsjkJAQOf-LAioj0RsUJJRhvxsJDurXV0GLG3bONwarfn_T1XKijUIKbVgbS1GyMFZzngnXguhAACYinDZCr0key-Bc4fenNuE6pbq-4eXXN4hYC.png?w=770&ssl=1)<\/p>\n

# The Access Control Epidemic<\/p>\n

You might have noticed that four of this quarter\u2019s top five breaches were essentially access control failures in disguise. What\u2019s more, three of the leading agentic AI security issues – CWE-285 (Improper Authorization), CWE-284 (Improper Access Control), and CWE-287 (Improper Authentication) \u2013 are access control-related, while 209 CVEs fell into API5: Broken Access Control, making up the largest slice of Wallarm\u2019s API Top 10 API CVEs. <\/p>\n

# Recommendations for Q2 <\/p>\n

So, what can organizations do to protect themselves? Here are our top tips: <\/p>\n

* **Refresh API Threat Models Every Quarter:** This is important for keeping your risk picture aligned with evolutions in the cloud, third-party services, and AI integrations.
\n * **Monitor API Traffic****in Real Time and Block Anomalies:** Immediate detection and response is crucial for keeping pace with shrinking exploitation windows.
\n * **Enrich Threat Intelligence Feeds with API-Specific Data:** Incorporating CISA KEV updates, third-party disclosures, and Wallarm ThreatStats can help spot weaponized CVEs early.
\n * **Evolve****API Discovery****Methods to Include AI Endpoints:** Agentic AI plugins and shadow services can appear overnight; inventory is step one for securing them.
\n * **Craft a Dedicated Strategy for Agentic AI:** Autonomous agents are useful, but dangerous. They need tailored guardrails.
\n * **Prioritize API Security Investments:** It\u2019s essential to allocate budget to tools and training for real-time blocking, automated testing, secret-scanning, and schema enforcement.
\n * **Establish and Enforce Clear API Security Policies:** Standardize authentication, authorization, data protection, and deployment guidelines across all development teams.<\/p>\n

The bottom line? Both CISOs and practitioners must double down on visibility and proactive control to ensure that emerging, AI-driven risks don\u2019t outpace classic best practices. <\/p>\n

\u200dThe stark reality is this: APIs are the new attack surface. Forget perimeter-centric thinking. From exposing legacy systems to the burgeoning risks of Agentic AI, attackers are relentlessly targeting APIs\u2014as both the gateway and the price. Organizations need to come to terms with this reality and act accordingly.To download the full Q1 2025 API Threat Report, click here.<\/p>\n

The post The API Imperative: Securing Agentic AI and Beyond appeared first on Wallarm.\n <\/p><\/div>\n<\/p><\/div>\n

\n

Impact Assessment<\/h3>\n\n\n\n
Base Score<\/th>\n9.8<\/td>\n<\/tr>\n
Severity<\/th>\nCRITICAL<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

View full CVE details<\/a><\/p>\n<\/p><\/div>\n<\/div>\n