Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

APIs Are Critical Infrastructure. Why Aren't We Treating Them That Way?

Mar 18, 2026 By Wallarm In Wallarm
‍In this session, we take an in-depth look at what it truly means to treat APIs as critical infrastructure. Using industry data and real-world examples, we explore the gap between how much businesses rely on APIs and how well they are actually protected. And we talk about why that gap introduces operational and regulatory risks.
View Video

AppSec in the age of AI: An RSA Conference preview

Mar 13, 2026 By Wallarm In Wallarm
Application security is at a breaking point as development teams move faster than ever, aided by AI-powered coding assistants. While these tools boost productivity, they also introduce subtle errors and insecure patterns at scale. The result: a growing backlog of vulnerabilities that outpaces traditional AppSec models. This webcast examines the risks and opportunities of AI in AppSec and who will be addressing it at RSA Conference. We’ll explore how defenders can use AI to level the playing field with automated scanning, intelligent prioritization, and secure-by-design practices.
View Video
wallarm

The CISO's Dilemma: How To Scale AI Securely

Mar 11, 2026 By Wallarm In Wallarm
Your board wants AI. Your developers are building with it. Your budget committee is asking for an ROI timeline. But as CISO, you're the one who has to answer when the inevitable question comes up: "How do we know this is secure?" If you're like most security leaders, you're caught between two impossible positions. Say yes to AI initiatives without proper security controls, and you're responsible when something goes wrong.
Read Post
wallarm

Agent-to-Agent Attacks Are Coming: What API Security Teaches Us About Securing AI Systems

Mar 6, 2026 By Wallarm In Wallarm
AI systems are no longer just isolated models responding to human prompts. In modern production environments, they are increasingly chained together – delegating tasks, calling tools, and coordinating decisions with limited or no human oversight. Almost all that communication happens through APIs. This shift offers enormous productivity benefits. But it has also complicated security. Because as soon as systems can talk to each other, they can be attacked through each other.
Read Post
wallarm

Everyone Knows About Broken Authorization - So Why Does It Still Work for Attackers?

Mar 2, 2026 By Wallarm In Wallarm
Broken authorization is one of the most widely known API vulnerabilities. It features in the OWASP Top 10, AppSec conversations, and secure coding guidelines. Broken Object Level Authorization (BOLA) and Broken Function Level Authorization (BFLA) account for hundreds of API vulnerabilities every quarter. According to the 2026 API ThreatStats report, authorization issues ranked ninth in the API Top 10, “reflecting chronic difficulty in managing roles and permissions at scale.”
Read Post
wallarm

Inside Modern API Attacks: What We Learn from the 2026 API ThreatStats Report

Feb 17, 2026 By Wallarm In Wallarm
API security has been a growing concern for years. However, while it was always seen as important, it often came second to application security or hardening infrastructure. In 2025, the picture changed. Wallarm’s 2026 API ThreatStats Report revealed that APIs are now the primary attack surface for digital business, and not because bad actors discovered new zero-days, but because of compounding failures in identity, exposure, and abuse.
Read Post
wallarm

From Shadow APIs to Shadow AI: How the API Threat Model Is Expanding Faster Than Most Defenses

Feb 13, 2026 By Wallarm In Wallarm
The shadow technology problem is getting worse. Over the past few years, organizations have scaled microservices, cloud-native apps, and partner integrations faster than corporate governance models could keep up, resulting in undocumented or shadow APIs. We’re now seeing this pattern all over again with AI systems. And, even worse, AI introduces non-deterministic behavior, autonomous actions, and machine-to-machine decision-making. Put simply, shadow AI is much, much riskier than shadow APIs.
Read Post
wallarm

CISO Spotlight: Craig Riddell on Curiosity, Translation, and Why API Security is the New Business Imperative

Feb 11, 2026 By Wallarm In Wallarm
It’s an unusually cold winter morning in Houston, and Craig Riddell is settling into his new role as Wallarm’s Global Field CISO. It’s a position that suits him down to the ground, blending technical depth, empathy, business acumen, and, what Craig believes, the most underrated skill in cybersecurity: curiosity. Like so many of us, Craig got into cybersecurity by accident. He first learned Unix under the guidance of a mentor while transitioning out of the military.
Read Post

PHISHING GOT 10X FASTER WITH AI #apisecurity #phishing #aisecurity #DevSecOps #applicationsecurity

Feb 10, 2026 By Wallarm In Wallarm
PHISHING GOT 10X FASTER Phishing attacks sped up 10x thanks to AI what took weeks is now compressed to hours. Vulnerabilities are discovered continuously and scaled instantly Attacks became adaptive and contextual for 2025 cybersecurity In this short clip from our webinar, we break down why this is the new reality.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.