Half of all security issues in Agentic AI code repositories (65%) are API-related

SAN FRANCISCO, April 24, 2025 /PRNewswire/ — Wallarm, the leader in API and AI security solutions, today announced the findings of The Rise of Agentic AI, the API ThreatStats report for Q1 2025. The report found that evolving API threats are fueled by the rise of agentic AI systems, growing complexity in cloud-native infrastructure, and a surge in software supply chain risks, and uncovered patterns and actionable insights to help organizations prioritize risks and harden their defenses.

“In the first quarter of 2025, overall API threats continued to increase across multiple industries, from healthcare to AI and beyond,” said Ivan Novikov, CEO and Co-Founder of Wallarm. “Our research shows that AI agent security risk largely stems from APIs. Agentic AI presents the same problems as any other type of code, but agentic AI exhibits a large percentage of API-related vulnerabilities. We can’t address agentic AI security without directly addressing APIs.”

While APIs are central to all Agentic workflows, cybersecurity standards such as CVE and CISA KEV are trailing indicators of API and overall security risks presented by Agentic AI. In order to gain insights into current and future trends, Wallarm researchers took a deep dive into GitHub security issues going back to 2019 for Agentic repositories. Of the 2,869 security issues analyzed in Agentic AI projects, they found that the majority were API-related (65%), underscoring the inseparability of agent and API security.

The report also analyzed API breaches that occurred in Q1 2025. No industry was immune, as highlighted by breaches impacting organizations such as Oracle Cloud, DeepSeek, CommonCrawl, Volkswagen, National Health Service (NHS) UK, Microsoft, BeyondTrust, and OmniGPT.

Key findings include:

The majority of all security issues in Agentic AI repositories (65%) are API-related and over 700 issues remain unaddressed.25% of reported security issues remain open, with some lingering for 1,200-plus days, highlighting a critical gap between vulnerability discovery and remediation.The top five API breaches span cloud, AI, automotive, and healthcare, underscoring industry-wide concerns and urgent relevance to cybersecurity worldwide.With 60% of top vulnerabilities found to be access control-related, access control remains prevalent across APIs.

APIs are not just part of the attack surface — they are the attack surface. From legacy system exposures to AI-native risks, attackers are increasingly targeting APIs as both the entry point and objective. In order to protect themselves from these threats, organizations need to take proactive measures to ensure existing threat models account for the current environment and prioritize API security by updating API threat models and security workflows, creating Agentic AI security strategies, implementing real-time monitoring of API traffic, and updating both threat intelligence and API discovery methodology.

To download the full Q1 2025 API Threat Report, visit http://www.wallarm.com/reports/q1-2025-wallarm-api-threatstats-report.

About Wallarm
Wallarm is the only unified platform for API and agentic AI security successfully deployed in enterprise production environments. With Wallarm, customers receive the fastest, easiest, and most effective way to stop API attacks. Period. Organizations choose Wallarm to protect their APIs and AI agents because the platform delivers a complete inventory of APIs, real-time blocking, and patented AI/ML-based abuse detection. Wallarm is headquartered in San Francisco, California, and is backed by Toba Capital, Y Сombinator, Partech, and other investors.

Media Contact:
Michelle Kearney
Hi-Touch PR
443-857-9468
kearney@hi-touchpr.com

View original content to download multimedia:https://www.prnewswire.com/news-releases/wallarm-unveils-findings-from-q1-2025-api-threat-report-uncovering-evolving-api-threats-across-multiple-industries-302436289.html

SOURCE Wallarm

Proprietary hallucination-free AI agent architecture protects patients and providers in a proven enterprise-scale voice AI platform

SAN FRANCISCO, April 24, 2025 /PRNewswire/ — Infinitus Systems, Inc., the AI company that has powered more than 100 million minutes of healthcare conversations that accelerate care for over a million patients, today announced the first patient- and provider-facing voice AI agents built for use cases where trust is critical.

The Infinitus voice AI platform was built to ensure patients’ and providers’ trust in AI agents that can transform the patient experience with accurate, around-the-clock access to provider- or payor-curated expertise. Infinitus has advanced its proven multi-modal, multimodel platform for content-rich, often complex patient conversations that can include over 100 exchanges, ensuring they adhere to approved content and provider and plan procedures, as well as regulatory requirements. Infinitus is the first voice AI architecture to include four innovations designed to build trust with providers and their patients:

AI response control for trusted responses: A proprietary discrete action space leverages the power of LLMs to understand and facilitate conversations, while ensuring AI agents do not hallucinate or generate any responses that are inaccurate or outside of the approved standard operating procedure of customers or regulatory agencies.Specialized knowledge graph for trusted information exchange: The Infinitus knowledge graph allows agents to contextualize and verify information in real time, validating information provided by a patient or payor agent against trusted sources specific to the payor plan, treatment area, patient history, customer-provided knowledge bases, and more.AI review for trusted outcome: This automated post-processing and verification system incorporates human-level reasoning gathered from experience performing millions of tasks. The AI evaluates a conversation output to determine whether a response, as well as any extracted information, is accurate given the context of the task, providing a critical level of oversight that is impossible to achieve manually. When necessary, AI agents can flag a human and suggest follow-up actions.Robust security and compliance program for trusted processes: Infinitus adheres to SOC 2 and HIPAA requirements, which includes bias testing, protected health information (PHI) redaction, and data retention for secure, unbiased data handling.

While agents have been used widely in healthcare applications, they have not yet been purposefully designed to earn clinician and patient trust.

“As a patient, the most important questions come after hours, when care teams are off duty or asleep. AI agents can help reduce that anxiety and empower patients at any time, no matter where they are. But that can only happen when trust and accountability are built into the technology,” said Ankit Jain, CEO and co-founder of Infinitus. “We believe we are the first to deliver on the trust you should expect in healthcare at every level of our platform.”

Patient and Provider-Facing AI Agents
Infinitus’ AI agents can proactively call patients with prompts, requests, and follow-ups, as well as provide around-the-clock availability for patient calls to answer questions and provide assistance across their healthcare journey. AI agents improve healthcare literacy and support medication adherence, promptly escalating any reported side effects, particularly benefiting individuals managing chronic conditions or with specialty medication needs.

Provider-facing agents deliver accurate and reliable details to providers, helping simplify reimbursements for a seamless experience. Through automated calls to providers, Infinitus’ AI agents simplify care coordination and save time, ensuring the appropriate clinical documentation, signatures, or approvals are submitted, preventing delays and improving patient access to therapies. Infinitus’ provider-facing AI agents can also keep providers informed on treatments and policies, helping them deliver the highest-quality patient care without administrative burden.

Zing Health, a Medicare Advantage provider offering personalized care to chronically underserved populations across the U.S., has deployed Infinitus’ patient-facing AI agents to perform comprehensive member health evaluations to extend its staff resources and provide a more consistent experience.

“Infinitus has become a key part of our onboarding process by efficiently completing health risk assessments within the first 60 days of a new member’s journey. The health risk assessment is a vital step in Zing’s Model of Care. Responses provide early insights into our members’ healthcare needs, enabling us to deliver a personalized engagement, customized care, and dedicated support from the beginning,” said Meghan Speidel, COO at Zing Health. “Since deploying Infinitus AI agents, our team is able to focus on members with active and immediate needs, where focused attention has the highest impact.”

“In healthcare, only trust can unlock the full value of any innovation,” said Shyam Rajagopalan, CTO and co-founder of Infinitus. “We designed Infinitus’ AI agents to ensure clinical conversations are not only maximally valuable to patients and providers, but trusted and compliant during some of the most sensitive moments in a patient’s journey.”

Expansion of Payor-Facing AI Agents
New payor-facing AI agent offerings now support payors, for instance, in insurance discovery and prior-authorization follow-ups. New digital offerings include Medicare Part B and Medicare Beneficiary Identifier (MBI) look-up, enabling providers to reduce delays in verifying eligibility, helping patients receive the data necessary to access and afford care. Infinitus’ expanded payor-facing offerings reinforce the company’s commitment to reducing administrative burden and advancing innovation across the healthcare ecosystem.

This comes on the heels of securing a spot on Fast Company’s World’s Most Innovative Companies of 2025 list, honoring the healthcare businesses shaping the industry.

About Infinitus
Infinitus is the leader in trusted AI agents and copilots for healthcare that improve the patient, clinician and staff experience. Infinitus’ AI voice agents and copilots help automate, expedite, and simplify time-consuming but critical conversational touchpoints that drive patient, clinician, and staff frustration and dissatisfaction. Infinitus’ proven AI native architecture combines multimodal, multi-model AI with a robust knowledge graph, a proprietary discrete action space, and human-in-the-loop guardrails to ensure data accuracy, safety, and support for healthcare organizations at scale. Infinitus was recently named to Fast Company’s World’s Most Innovative Companies of 2025 and is a trusted solutions partner to 44% of Fortune 50 healthcare companies. Learn more at https://www.infinitus.ai/ 

View original content to download multimedia:https://www.prnewswire.com/news-releases/infinitus-launches-first-trusted-voice-ai-agents-for-healthcare-302436349.html

SOURCE Infinitus Systems, Inc.

Certified partners can now deliver Day-2 Operations Services for Akamai API solutions and technical support for Akamai Guardicore Segmentation environments

CAMBRIDGE, Mass., April 24, 2025 /PRNewswire/ — Akamai Technologies (NASDAQ: AKAM), the cybersecurity and cloud computing company that powers and protects business online, today announced updates to its Security Certified Service Provider programs for API security solutions and for Akamai Guardicore Segmentation. Certified partners can now offer Day-2 Operations Services related to Akamai API security products and solutions, just as they do for Akamai Guardicore Segmentation. Additionally, they can provide Akamai Guardicore Segmentation technical support directly to their customers.

According to a recent Akamai State of the Internet (SOTI) report, API attacks come in various forms, including data breaches, abuse, and distributed denial-of-service attacks. In fact, Akamai recorded 108 billion API attacks from January 2023 through June 2024. These attacks can lead to data theft, reputation damage, regulatory fines, and significant financial losses, highlighting the importance of securing APIs.     

“The enhancements Akamai has made to its Security Certified Service Provider programs enable us to better deliver services directly to our customers, significantly increasing our ability to meet their unique needs and ensure they receive the best possible protection and support,” said Florent Houy, Head of Cloud Innovation at Orange Cyberdefense in France. “These partner program updates strengthen our collective capability and Orange Cyberdefense’s microsegmentation service offering to secure digital assets, ensure flexibility, meet our customers’ expectations, and help our clients stay focused on what matters most: their business.”

“The channel is the backbone of the cybersecurity industry where everyone wins — technology providers expand their reach, partners grow their business, and customers get the best security solutions tailored to their needs,” said Paul Joseph, Executive Vice President, Global Sales and Services at Akamai. “Empowering our partners with the right tools, training, and support is key to driving success. These enhancements to the Akamai channel program position our partners as their customers’ trusted security advisor and single point of contact, empowering both partner and customer to accelerate the growth of their business.”

Ongoing Day-2 Operations Services are essential for maintaining a strong security posture as organizations refine their segmentation and API security strategies.

Day-2 Operations Services for API security includes:

Operational and management services — Enable partners to maximize their value to customers through hybrid deployments, quarterly business reviews, and API audits and complianceSecurity incident management services — Allow partners to connect customer API security deployments to their Security Operations Center so partner incident response teams receive detection alerts from Akamai API Security and any other solutions deployedActive testing — Enables customers to identify and remediate API vulnerabilities before they are deployed to production, which can help eliminate risk and save on remediation costs

Guardicore Certified Services Partners are now able to provide the full suite of services of the microsegmentation lifecycle from project delivery to 24/7 first-line support to day-2 operations to keep the policy up to date and monitor potential security incidents while maintaining compliance. Akamai Guardicore Segmentation customers now have a choice to use their local certified partners to provide them the entire services suite.

Day-2 Operations Services for Akamai Guardicore Segmentation includes:

Segmentation administration services — Allow partners to maximize the value of their customer’s Akamai Guardicore Segmentation deployment by updating and expanding their implementationSecurity incident management services — Allow partners to connect their customer’s Akamai Guardicore Segmentation deployment to their Security Operations Center and use it to contain threats by preventing lateral movement and isolate infected assets until resolutionAudit and compliance services — Allow partners to streamline audit and compliance management by providing a single source of truth about what is communicating in their customer’s networks, and enable consistent policy enforcement across their environment

Learn more about Akamai’s Security Certified Service Provider programs.

About Akamai 
Akamai is the cybersecurity and cloud computing company that powers and protects business online. Our market-leading security solutions, superior threat intelligence, and global operations team provide defense-in-depth to safeguard enterprise data and applications everywhere. Akamai’s full-stack cloud computing solutions deliver performance and affordability on the world’s most distributed platform. Global enterprises trust Akamai to provide the industry-leading reliability, scale, and expertise they need to grow their business with confidence. Learn more at akamai.com and akamai.com/blog, or follow Akamai Technologies on X and LinkedIn.

Contacts
Akamai PR
AkamaiPR@akamai.com

Investor relations
IR-InvestorRelations@akamai.com 

View original content to download multimedia:https://www.prnewswire.com/news-releases/akamai-empowers-partners-to-deliver-services-and-support-302436210.html

SOURCE Akamai Technologies