Lessons learned from observing a billion API requests
What's the biggest vulnerability in modern APIs? An analysis of a billion requests found a shocking 50% had no authentication, and we'll show you how to fix it.
#1 about 3 minutes
Key findings from analyzing a billion API requests
Analysis of over a billion API requests reveals that JavaScript APIs are often less secure and half of all APIs lack any authentication.
#2 about 3 minutes
Why opinionated frameworks lead to more secure APIs
Opinionated frameworks like Laravel and AdonisJS produce more secure APIs by providing built-in structure, ORMs, and authentication, unlike less structured JavaScript frameworks.
#3 about 5 minutes
Understanding the four pillars of a high API score
A strong API score is based on four key pillars: consistent design, high performance, built-in security, and readiness for AI consumption.
#4 about 4 minutes
Improving an API score with practical examples
A live demonstration shows how to improve an API's score by adding robust response codes and complete contact details to an OpenAPI specification.
#5 about 4 minutes
Designing APIs for AI consumption and built-in security
Build better APIs for AI by using descriptive operation IDs, and treat security as a core feature by masking PII and implementing rate limits internally.
#6 about 3 minutes
Implement full traceability and use-case driven design
Improve API robustness by implementing full traceability to debug AI agent interactions and designing endpoints around user use cases rather than database schemas.
#7 about 3 minutes
Recognizing your API is training data for AI models
Shift your mindset to understand that your API is now a primary data source for training AI models, making composable design and rich documentation essential.