Black Hat Fireside Chat: API sprawl turns SMBs into prime targets — simple flaws invite breaches
That’s the warning from Chris Wallis, founder and CEO of London-based Intruder, who sat down with Last Watchdog during Black Hat USA 2025. His company has carved out a niche helping small and mid-sized businesses, which remain chronically under-resourced when it comes to cybersecurity.
The 2022 Optus breach — triggered by a single unauthenticated API spilling customer data — prompted Wallis and his team to ask how many similar exposures might be hiding in plain sight. Their answer was Auto Swagger, a tool built to scour company systems for exposed API documentation and probe for weaknesses.
Early trials uncovered unsecured APIs at Microsoft and two other global tech firms, exposing sensitive data to anyone who knew where to look. Intruder released Auto Swagger this summer as a free resource to raise awareness and help organizations confront this overlooked risk.
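The exposure pattern described above (a documented API that requires no authentication) can be checked from the defender's side before anyone else finds it: an OpenAPI/Swagger document declares, per operation, which security scheme applies, and an operation whose effective `security` list is empty is unauthenticated by definition. The script below is an added example, not Intruder's Auto Swagger or any code from the article. It parses a constructed OpenAPI 3 document embedded inline, lists every operation that ends up with no authentication requirement, and separates record-lookup endpoints with a path parameter (the kind that spilled customer data in the Optus case) from static ones such as a health check.

```python
import json

# Constructed sample OpenAPI 3 document for illustration only; the paths,
# schemes and descriptions are invented and do not describe any real service.
SAMPLE_SPEC = json.dumps({
    "openapi": "3.0.3",
    "info": {"title": "Example customer API", "version": "1.0"},
    "components": {
        "securitySchemes": {"bearerAuth": {"type": "http", "scheme": "bearer"}}
    },
    # Document-level default: every operation requires a bearer token...
    "security": [{"bearerAuth": []}],
    "paths": {
        "/customers/{id}": {
            # ...inherits the global requirement, so this one is fine.
            "get": {"summary": "Fetch a customer record"},
        },
        "/customers/{id}/documents": {
            # An empty operation-level list overrides the default with
            # "no authentication required": this is the risky case.
            "get": {"summary": "Fetch identity documents", "security": []},
        },
        "/health": {
            "get": {"summary": "Liveness probe", "security": []},
        },
        "/internal/export": {
            "post": {"summary": "Bulk export", "security": [{"bearerAuth": []}]},
        },
    },
})

HTTP_METHODS = {"get", "put", "post", "delete", "options", "head", "patch", "trace"}


def unauthenticated_operations(spec_text: str) -> list:
    """Return 'METHOD /path' for every operation with no effective security requirement.

    Per the OpenAPI specification an operation-level `security` key replaces the
    document-level one, and an empty list (or no requirement at either level)
    means the operation can be called without credentials.
    """
    spec = json.loads(spec_text)
    global_security = spec.get("security")  # None when the document declares none
    findings = []
    for path, path_item in spec.get("paths", {}).items():
        for method, operation in path_item.items():
            # Skip path-level keys such as "parameters" or "summary".
            if method.lower() not in HTTP_METHODS or not isinstance(operation, dict):
                continue
            effective = operation.get("security", global_security)
            if not effective:
                findings.append(f"{method.upper()} {path}")
    return sorted(findings)


def triage(spec_text: str) -> dict:
    """Split unauthenticated operations by whether they take a path parameter.

    An unauthenticated endpoint keyed by an identifier (/customers/{id}/...) lets
    a caller walk through records one by one, so it is reviewed first; a static
    endpoint such as /health is usually a deliberate, low-risk exposure.
    """
    record_lookup, other = [], []
    for op in unauthenticated_operations(spec_text):
        (record_lookup if "{" in op else other).append(op)
    return {"record_lookup": record_lookup, "other": other}


if __name__ == "__main__":
    for bucket, ops in triage(SAMPLE_SPEC).items():
        print(bucket)
        for op in ops:
            print("  ", op)
```

Point the functions at the spec your own gateway or framework publishes (Swagger UI and most frameworks serve it as JSON) and treat anything in the `record_lookup` bucket as a finding to fix or to justify in writing; a declared scheme does not prove the server enforces it, so the list is an inventory to verify against the running service, not a clean bill of health.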
Findings like these highlight a broader concern: the expanding role of APIs as companies rush to embed generative AI. Each new integration depends on APIs to connect internal systems, creating fresh pathways often deployed with little attention to security.
For SMBs, the stakes are acute. Cloud adoption and API sprawl have expanded their attack surfaces, while security teams are thin or nonexistent. Legacy tools, designed for large enterprises, can overwhelm rather than assist. Intruder positions its platform as a simpler, integrated alternative that scans networks, flags exposures, and helps IT managers prioritize fixes.
The lesson is clear: fundamentals matter. SMBs remain especially vulnerable. But the tech giants have far less excuse — and yet even they are racing to roll out powerful tools like generative AI without securing the foundations first.
For a full drill down, please give a listen to the accompanying podcast.
Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.
(LW provides consulting services to the vendors we cover.)
The post Black Hat Fireside Chat: API sprawl turns SMBs into prime targets — simple flaws invite breaches first appeared on The Last Watchdog.