Intelligent CISO Issue 92 | Page 30

INTELLIGENT API SECURITY

Addressing the rising risks and costs of an ‘explosion’ of APIs

CASA Software warns that the growing proliferation of APIs and increased AI adoption are creating escalating risks and costs for enterprises, calling for urgent improvements in API security and management.
An explosion of application programme interfaces (APIs) and growing use of AI is set to create significant headaches for enterprises in future unless they move to better secure the API layer and streamline API management.

This is according to Michael Brink, CTO, CASA Software, who says that as organisations become increasingly dependent on a proliferation of APIs and AI adoption soars, managing the associated costs, security and governance risks is proving challenging.
Brink cites a 2025 API Security and Management Report by KuppingerCole analysts, which finds that APIs are essential for intelligent digital enterprises, and the emergence of AI-native applications has accelerated adoption. The report notes that every LLM integration, Agentic AI workflow or autonomous decision system depends on API calls, and that most AI-related vulnerabilities, including prompt injection, data exfiltration or model abuse, are exposed through insecure APIs.
“APIs essentially provide a window to your castle, so poorly secured APIs will allow threat actors easy access,” he said. “There have been a number of hacking events purely via APIs – both globally and in South Africa.
“Managing APIs is traditionally very technical, so you usually require quite a high level of technical ability and skill to use, consume and work with APIs, and to secure the APIs to prevent data leakage and threat actors from using them to access the organisation,” he said.
Brink notes that in many organisations, developers manage APIs, but their primary focus is not on security but on getting products to market. “As regulatory bodies turn their attention to API security, we will see more risk and security teams needing to take on this task.”
Simplifying API security and governance
The Broadcom Layer7 API management platform offers an advanced, low-code solution to these challenges. Broadcom Layer7 has long been a market leader in API security, governance and control, with leading local financial services, retail and public sector organisations trusting it for over 15 years, Brink said.
Serving as a single security platform for all web services, APIs and application traffic, Layer7 enhances API security, with operational monitoring and cost management capabilities to simplify API management.
“If you write programmes and develop applications, you typically write a lot of security code into that app or service, but every time you need to make a change or a vulnerability is discovered, you’re going to need to update those security routines,” Brink said. “The Layer7 API management platform allows you to manage that in a very effective way by offering a central policy enforcement point. So, you can have ten thousand APIs or services published there and apply a specific policy to all of them at once.”
He confirms that with Layer7, the security operations practice can secure and monitor APIs too, enabling better security enforcement and compliance.