The State of Security of Vibe Coded Apps

How we discovered 2,000 high impact vulnerabilities and sensitive data leaks in apps built with vibe coding platforms

The State of API Exposure

Fortune 1000 at risk: We discovered 30,000 exposed APIs and 100,000 issues in the world's largest organizations

State of GraphQL Security 2024

Discover our yearly report on the state of GraphQL security

The API Secret Sprawl 2024

How we discovered over 18,000 API secret tokens by analyzing 1M domains on the web

State of GraphQL Security 2023

What scanning 1500+ endpoints has told us about securing GraphQL in production...

State of Public APIs 2023

Analysis of the design, performance and security of 6000+ Public APIs

Automating Offensive Security with AI: A Guide to Scaling Pentesting with Escape

A practical guide to automating offensive security, built from the perspective of offensive and application security leaders we worked with.

From Business Logic Vulnerabilities to Actionable Insights: AI-powered Pentesting + ASM in Action

Discover how Escape’s AI-powered pentesting uncovers business logic flaws at scale and the first public demo of Escape’s ASM

Securing AI-driven applications with DAST (Escape customers' stories)

Join us for a live webinar with AppSec experts and Escape clients - DoubleVerify, Applied Systems, PandaDoc, as they break down how their teams are rethinking testing strategies to keep up with AI-influenced codebases.

How to secure modern, cloud-native applications with Escape and Wiz

Discover how joint Escape and Wiz customers are solving the challenges of understanding the full context of an application and integrating security throughout the development lifecycle, from code to cloud.

The common security mistakes everyone makes in M&A

If you often handle M&A, manage security across diverse brands, or want to avoid common mistakes during major business transitions, this session is for you.

The Future of AppSec: SAST + DAST combined for complete application coverage

Discover practical strategies for integrating SAST and DAST into a seamless process within your SDLC.

Workshop: How to write custom security tests for your APIs

Learn how to set up rules for various API vulnerabilities or write them based on bug bounty or pentesting reports.

Webinar: Best practices for API security

Join Tristan Kalos at our webinar with GitGuardian to learn the ins and outs of keeping your API’s secure.

Webinar: Building your product security roadmap

In-depth recap of our hands-on product security webinar with James Berthoty—gather the best knowledge and insights!

How Lightspeed ensures full security compliance with Escape

Discover how Lightspeed, the unified point of sale and payments platform, maintains security compliance.

How DoubleVerify Achieved Full API Visibility and Security with Wiz and Escape

Discover how DoubleVerify, a large AdTech platform, ensures their API security with Escape DAST and Wiz

How Escape enhanced Shine's application security

Discover the transformative impact of Escape on API security of Shine, an online banking for professionals.

How Thinkific has achieved enterprise-grade GraphQL security

Discover the challenges Thinkific faced and how they achieved enterprise-grade GraphQL security with Escape.

How Sungage Financial improved their application security within 1 week

Discover how Escape helped Sungage Financial secure their new GraphQL APIs and the impact Sungage felt.

GraphQL Security

A free tool that runs a dozen common security tests on a given GraphQL endpoint.

GraphQL Armor

A middleware for JS servers that adds a security layer to GraphQL endpoint in minutes.

OpenAPI Security

A free tool that runs a dozen common security tests on a given REST API using its OpenAPI specification.

ChatGPT Security

A free tool that runs a dozen common security tests on a given OpenAI ChatGPT Plugin using its manifest.

GPT Security Bot

Learn more about testing and securing APIs with the help of our GPT bot

All other episodes are available on our YouTube channel!

Click to discover more.

Is Gen AI your new AppSec weapon? with Sandesh Mysore Anand

Learn how we challenged Sandesh on whether Gen AI can actually supercharge your AppSec program and what a potential shift in the skillset requirements for AppSec engineers would look like in the future.

Security training: necessary investment or overrated expense with Mel Reyes

Discover Mel's insights on whether investment in security training within the organizations is truly justified.

What is ASPM: A breakdown of the current state and its future with James Berthoty

Explore what is ASPM, what's wrong with its current state, what’s missing from Gartner's perspective, and what ASPM might look like in the future.

SCADA systems: How secure are the systems running our infrastructure? with Malav Vyas

Explore whether APIs introduce more security risks than benefits to SCADA systems, how hard it is to secure SCADA, and key future challenges.

Threat modeling: the future of cybersecurity or another buzzword with Derek Fisher

We discussed how to do threat modeling right (and wrong), what’s wrong with its current state, and what its future might look like.

Security experience: top-down vs bottom-up with Jeevan Singh

Throughout our talk, we had a chance to challenge Jeevan on his vision, opinions, and ask some "spicy" questions!

Lack of effective DAST tools with Aleksandr Krasnov

Our first episode with Aleksandr Krasnov, the principal security engineer at Meta, who challenges the effectiveness of existing DAST tools with us.

API Security Checklist

Are you looking to make your API security program stronger? Our API Security Checklist is here to help.

OWASP TOP 10 checklist

Discover the latest insights into the 2023 OWASP API Security Top 10.

DevSecOps checklist

Learn the best practices to implement DevSecOps in your engineering teams.

Looking for hands-on training?

We’ve got you covered. Join our API Security Academy and learn how to secure your GraphQL applications with free and interactive online modules.

Start learning now

Features

More knowledge, more secure software

Expand your security horizons.

Blog

Discover latest articles, tech tutorials and opinion pieces on our blog.

Community

Connect with other security practitioners or get in touch with Escape team.

Escape Docs

Need some help with using Escape? Access all the knowledge you need.

Unlock your path to success

Securing your APIs isn’t easy, but we’ve got your back.We’re here to help your security team stay ahead of the curveand remediate vulnerabilities faster.

Get in touch