As APIs and AI systems become the primary way applications operate, security teams are running into a practical problem: most defenses were not designed for environments where traffic is already live, automated, and moving at scale. Traditional perimeter controls and passive detection struggle once APIs and AI agents are embedded into production systems.
Recent updates by Wallarm reflect how vendors are adjusting to that reality, with changes focused less on headline features and more on how security actually works day to day.
APIs now sit at the center of cloud applications, SaaS platforms, and AI-driven workflows. AI agents increasingly rely on APIs to take actions, move data, and trigger processes without human involvement. For security teams, this shifts the problem from identifying vulnerabilities to managing risk in systems that cannot be paused or re-architected.
Built for live traffic, not retrofits
One of the challenges organizations face is that many API security tools were adapted from technologies built for other use cases.
According to a Wallarm spokesperson, that mismatch becomes obvious once APIs and AI agents are already generating traffic. “The Security Edge architecture was purpose-built to support API security, instead of adding API security to an existing architecture built for another purpose, such as web content caching,” the spokesperson said. “Security Edge distributes API security as close to the APIs as possible in a SaaS environment.”
This design is intended for environments where infrastructure changes are unrealistic. “Deployment with nothing to install and no changes to existing infrastructure works especially well when APIs and AI agents are established and generating traffic,” the spokesperson said. “The result is protection with lower latency.” They added that the architecture supports high availability across multiple cloud providers, reducing reliance on any single infrastructure.
Precision enforcement instead of broad blocking
On the product side, Wallarm’s recent updates focus on tightening enforcement without disrupting legitimate activity. Session-level API blocking allows teams to stop malicious behavior within a specific API session rather than relying on broad IP-based rules. In high-volume environments, this reduces the risk of blocking valid applications along with attackers.
Schema-based API security testing addresses a different challenge. By using API schemas as a baseline, teams can test against what an API is intended to do, not just what it exposes at runtime. The result is earlier discovery of weaknesses and less time spent chasing false positives.
What MSSPs need to scale profitably
For MSSPs, API and AI security only works as a managed service if it can be delivered consistently across many customers. That puts pressure on multi-tenancy, automation, and alert quality.
“First, Wallarm supports fully multi-tenant deployments, which are critical for MSSPs,” the Wallarm spokesperson said. “Multi-tenancy is fully automated via APIs, allowing MSSPs to create repeatable onboarding and ongoing automation.”
Context also matters for operational efficiency. “One key value that MSSPs offer is the ability to bring together multiple data sets,” the spokesperson said. “Wallarm supports the integrations required to enhance the alerts and operational value that MSSPs already offer customers.” API telemetry can provide additional context around incidents detected by other tools, showing what happened before or after an event, or confirming whether an API was directly involved.
Time to value starts with response
When MSSPs and internal teams evaluate managed API and AI security, speed matters. Long tuning cycles delay results and increase operational overhead.
“The fastest time to value is in real-time blocking of attacks,” the Wallarm spokesperson said. “When Wallarm is installed, it can immediately start blocking malicious requests with no tuning required. Detection alone isn’t enough.”
That immediate response is paired with longer-term capabilities such as API discovery and inventory, abuse prevention, account takeover protection, and security testing. Together, these features support both rapid risk reduction and sustained service delivery.
Open tools and training close the gap
Beyond the core platform, Wallarm’s launch of MCPJail reflects growing uncertainty around AI agents and Model Context Protocol servers. By providing an open-source way to evaluate and contain MCP-based integrations, teams can experiment with AI-driven workflows without exposing production systems prematurely.
The company has also launched Wallarm University and a free API Security Certification to address a widening skills gap. As APIs and AI become core infrastructure, practical training tied to real attack patterns is becoming as important as tooling.
The moves point to a broader shift in how API and AI security is being built and consumed. Protection is moving closer to live traffic. MSSPs are demanding automation and repeatability. Security teams are prioritizing controls that work immediately, not just visibility into issues they cannot act on. Security platforms that operate effectively in production, scale across customers, and deliver value without heavy tuning are becoming foundational rather than optional.
