This creates a large and growing attack surface, leading to a growing number of publicized API attacks and breaches. Traditional network and web protection tools do not protect against all the security threats facing APIs. Many organizations lack visibility of their APIs, as many are used as part of web or mobile applications and not published directly. This means that a key requirement of API threat protection is API discovery.”
Gartner® Hype Cycle™ for Application Security, 2022