White Papers
Checklists
Case Studies
Tools
Podcasts
Webinars

The State of API Exposure

Fortune 1000 at risk: We discovered 30,000 exposed APIs and 100,000 issues in the world's largest organizations

The API Secret Sprawl 2024

How we discovered over 18,000 API secret tokens by analyzing 1M domains on the web

State of GraphQL Security 2023

What scanning 1500+ endpoints has told us about securing GraphQL in production...

State of Public APIs 2023

Analysis of the design, performance and security of 6000+ Public APIs

API Security Checklist

Are you looking to make your API security program stronger? Our API Security Checklist is here to help.

OWASP TOP 10 checklist

Discover the latest insights into the 2023 OWASP API Security Top 10.

DevSecOps checklist

Learn the best practices to implement DevSecOps in your engineering teams.

How Lightspeed ensures full security compliance with Escape

Discover how Lightspeed, the unified point of sale and payments platform, maintains security compliance.

How Escape enhanced Shine's application security

Discover the transformative impact of Escape on API security of Shine, an online banking for professionals.

How Thinkific has achieved enterprise-grade GraphQL security

Discover the challenges Thinkific faced and how they achieved enterprise-grade GraphQL security with Escape.

How Sungage Financial improved their application security within 1 week

Discover how Escape helped Sungage Financial secure their new GraphQL APIs and the impact Sungage felt.

GraphQL Security

A free tool that runs a dozen common security tests on a given GraphQL endpoint.

GraphQL Armor

A middleware for JS servers that adds a security layer to GraphQL endpoint in minutes.

OpenAPI Security

A free tool that runs a dozen common security tests on a given REST API using its OpenAPI specification.

ChatGPT Security

A free tool that runs a dozen common security tests on a given OpenAI ChatGPT Plugin using its manifest.

GPT Security Bot

Learn more about testing and securing APIs with the help of our GPT bot

Is Gen AI your new AppSec weapon? with Sandesh Mysore Anand

Learn how we challenged Sandesh on whether Gen AI can actually supercharge your AppSec program and what a potential shift in the skillset requirements for AppSec engineers would look like in the future.

Security training: necessary investment or overrated expense with Mel Reyes

Discover Mel's insights on whether investment in security training within the organizations is truly justified.

What is ASPM: A breakdown of the current state and its future with James Berthoty

Explore what is ASPM, what's wrong with its current state, what’s missing from Gartner's perspective, and what ASPM might look like in the future.

SCADA systems: How secure are the systems running our infrastructure? with Malav Vyas

Explore whether APIs introduce more security risks than benefits to SCADA systems, how hard it is to secure SCADA, and key future challenges.

Threat modeling: the future of cybersecurity or another buzzword with Derek Fisher

We discussed how to do threat modeling right (and wrong), what’s wrong with its current state, and what its future might look like.

Security experience: top-down vs bottom-up with Jeevan Singh

Throughout our talk, we had a chance to challenge Jeevan on his vision, opinions, and ask some "spicy" questions!

Lack of effective DAST tools with Aleksandr Krasnov

Our first episode with Aleksandr Krasnov, the principal security engineer at Meta, who challenges the effectiveness of existing DAST tools with us.

Workshop: How to write custom security tests for your APIs

Learn how to set up rules for various API vulnerabilities or write them based on bug bounty or pentesting reports.

Webinar: Best practices for API security

Join Tristan Kalos at our  webinar with GitGuardian to learn the ins and outs of keeping your API’s secure.

Webinar: Building your product security roadmap

In-depth recap of our hands-on product security webinar with James Berthoty—gather the best knowledge and insights!

Looking for hands-on training?

We’ve got you covered. Join our API Security Academy and learn how to secure your GraphQL applications with free and interactive online modules.
Start learning now
Features

More knowledge, more secure software

Expand your security horizons.

Blog

Discover latest articles, tech tutorials and opinion pieces on our blog.
More

Community

Connect with other security practitioners or get in touch with Escape team.
More

Escape Docs

Need some help with using Escape? Access all the knowledge you need.
More

Unlock your path to success

Securing your APIs isn’t easy, but we’ve got your back.We’re here to help your security team stay ahead of the curveand remediate vulnerabilities faster.
Get in touch
Agentless API Discovery & API Security for rapidly scaling companies
Book a live demo
Product Use Cases
Ensure API security at scale
Shift left with continous security in CI/CD
Get full security observability
Integrate security into your workflows
Find business logic flaws before production
Simplify compliance management
Deploy Developer-focused remediation
Company
About
We're hiring
Resources
Blog
Case studies
Docs
API Security Academy
API Security Checklist
The Elephant in AppSec Podcast
State of GraphQL Security 2024
State of Public APIs 2023
GraphQL Security
GraphQL Armor
ChatGPT Security
Connect
Book a live demo
Contact us
Slack support
Escape vs Competitors
Escape vs Noname Security
Escape vs Salt Security
Escape vs Rapid7
Escape vs Invicti
Legal
Privacy policy
Terms of service
© 2023 Escape. Made with ❤️, 🥖 and ☕ in San Francisco, Paris and Biarritz.