Wallarm: API Security Leader used the past week to sharpen its positioning at the intersection of API security and rapidly expanding AI adoption. The company’s field CISO Craig Riddell stressed that board-level AI security discussions remain overly focused on model safety and documentation, arguing instead for “runtime governance” centered on what AI systems actually do in production.
Meet Samuel – Your Personal Investing Prophet
- Start a conversation with TipRanks’ trusted, data-backed investment intelligence
- Ask Samuel about stocks, your portfolio, or the market and get instant, personalized insights in seconds
Wallarm frames APIs as the key enforcement layer for this governance, contending that most existing controls were built for human-driven workflows rather than autonomous AI agents chaining actions at machine speed. That perspective underpins its focus on access, permissions, and observability, as survey-style data cited by the firm suggests only about 30% of organizations have meaningful AI governance, despite 88% already using AI in at least one business function.
The company highlights widespread exposure, including claims that more than 70% of corporate AI tools are rated high or critical risk and over 80% of enterprise data flows to unsecured AI platforms. Reported prevalence of shadow AI, personal generative AI accounts used for work, and frequent data incidents reinforces Wallarm’s view that AI security is becoming an API- and identity-centric challenge rather than purely a model problem.
In product news, Wallarm introduced “Wallarm MCP Protection,” a new offering aimed at securing externally exposed MCP servers, which support machine-callable capabilities. The tool extends the firm’s API security model with automated server discovery, session-level visibility, and schema-based real-time enforcement, blocking nonconforming tool calls before they reach the server.
Wallarm also amplified its market voice through thought leadership, promoting a CISO Spotlight series featuring five security leaders discussing real-world enterprise risk, and showcasing executive participation in an eChannelNEWS discussion on AI-driven API threats. These initiatives are intended to deepen engagement with CISOs and channel partners as AI integrations expand API attack surfaces and visibility gaps.
Collectively, the week’s activity underscores Wallarm’s strategic bet that converging AI, API, and governance concerns will expand demand for specialized runtime and access-control solutions. While the updates are primarily narrative and product-positioning oriented, they highlight a clear focus on emerging AI-agent and machine-to-machine security needs that could influence the company’s long-term growth trajectory.