Newly published API endpoints are discovered by attackers in a mere 29 seconds.

21.5% of AI vulnerabilities are indirectly tied to APIs, including flaws in third-party integrations.

Kernel exploits accounted for 5.4% of the CISA KEV exploits.

77.4% of API-related vulnerabilities in AI products are directly API-related, such as weak API authentication, inadequate rate limiting, and broken access controls.

Attackers can exfiltrate sensitive data in as little as 6 seconds in API attacks.

Only 1.1% of the vulnerabilities in AI products were entirely unrelated to APIs.

Browser exploits accounted for 9.2% of the CISA KEV exploits.

Traditional API security systems can take 5-10 minutes to detect and remediate threats.

Mobile exploits accounted for 5.9% of the CISA KEV exploits.

Supply chain exploits accounted for 1.1% of the CISA KEV exploits.