Exposed APIs and issues in the world’s largest organizations

In this Help Net Security video, Tristan Kalos, CEO of Escape, discusses the results of its 2024 State of API Exposure report. The study highlights significant API security gaps affecting Fortune 1000 organizations, with over 28,500 exposed APIs and 98,800 vulnerabilities identified. Among these findings, 1,830 were classified as highly critical due to the potential exposure of sensitive data and systems.

Escape’s security research team scanned thousands of APIs using advanced subdomain enumeration, AI-driven fingerprinting, and OSINT techniques. The team revealed vulnerabilities linked to broken authentication, security misconfigurations, and public access to development APIs.

Notably, 3,945 development APIs were found to be publicly accessible, heightening security risks due to their lack of adequate access controls.