On episode 43 of The Cyber Security Matters Podcast, we were joined by Tristan Kalos, the Co-Founder and CEO of Escape, to talk about all things API security. He shared his perspective on the future of the API security space, as well as the current challenges that Escape solves for its customers. Read on for some fresh insights into the API security sector. 

What’s the main thing customers are looking for, and how do you solve their challenges? 

The general idea is that in the past 10-15 years, the cloud appeared, and suddenly every company started moving to the cloud. Suddenly, the previous security tools that were designed for the on-premise infrastructure were not up to date anymore. There are cloud security companies that appeared to help those companies do their transition in a safe manner, but with the transition to the cloud, the technologies used to build applications and run applications also evolved. Mobile applications suddenly appeared. Then you had single page applications and APIs, which is the technology that allowed any companies in the world to exchange data with each other and their customers. APIs also let developers enhance their capabilities and communicate and exchange data. 

APIs have become central to every data transfer on the Internet and to every business that flows to the Internet. The legacy security tools do not understand APIs or how to secure them or find security issues, so they are very vulnerable. At Escape, our ambition is to create a platform that can properly secure cloud applications, starting with securing the APIs that represent 80% of the global web traffic today. What we do is create security and engineering teams create and provide more secure APIs to empower their business.

What do you think some of the trends will be in API security in the next three to five years?

First of all, I think IA will be a catalyst for exposing APIs. It’s like mobile apps 10-15 years ago when everyone wanted to have a mobile app, so websites were not enough anymore. We have had to expose a private API portal, which was the first API revolution. Soon everyone will have LLM agents working for them. We will use applications in a completely standalone way without humans intervening in the process. What happens if, in five years, we live in a world where everyone has their own LLM assistant that does a lot of things for them? They book plane tickets, Airbnbs, and car rentals. They could do everything for you, but only if they can interact with public APIs.

If, in five years, or even less than that, your business doesn’t have a public API that LLM more external agents can connect to, you will let a lot of money slip off the table because half of the internet users will be IA and they can’t connect to your website. It’s like not having a website in 2009 – it’s already too late. My take is that the development of large language models, or large multi-model agents in general, will make having a public API required for every business. I’m pretty excited about what’s coming from the market. 

To learn more about the future uses of APIs, as well as the current API market, tune into Episode 43 of The Cyber Security Matters Podcast here. 

We sit down regularly with some of the biggest names in our industry, we dedicate our podcast to the stories of leaders in the technologies industries that bring us closer together. Follow the link here to see some of our latest episodes and don’t forget to subscribe.