The State of GraphQL Security 2024

Insights from 13,000 GraphQL API issues: A deep dive into the current state of GraphQL security
Download report
Header imageArrow

State of GraphQL Security

Key findings

This report provides a thorough analysis of public GraphQL APIs, highlighting main vulnerabilities and the risks they pose. By understanding these security challenges, organizations can proactively protect their GraphQL APIs.

13K issues of varying severity

Custom security rules icon

33% of API services have one or more high-severity issues (CVSS classification)

4.4K secrets exposed in public GraphQL APIs

Discover Escape's findings

Including a comprehensive list of recommendations for
GraphQL protection
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Agentless API Discovery & API Security for rapidly scaling companies
Book a live demo
Product Use Cases
Ensure API security at scale
Shift left with continous security in CI/CD
Get full security observability
Integrate security into your workflows
Find business logic flaws before production
Simplify compliance management
Deploy Developer-focused remediation
Company
About
We're hiring
Resources
Blog
Case studies
Docs
API Security Academy
API Security Checklist
The Elephant in AppSec Podcast
State of GraphQL Security 2024
State of Public APIs 2023
GraphQL Security
GraphQL Armor
ChatGPT Security
Connect
Book a live demo
Contact us
Slack support
Escape vs Competitors
Escape vs Noname Security
Escape vs Salt Security
Escape vs Rapid7
Escape vs Invicti
Legal
Privacy policy
Terms of service
© 2023 Escape. Made with ❤️, 🥖 and ☕ in San Francisco, Paris and Biarritz.