Case Study: Large Mobile Phone Carrier achieves full API visibility and discovers thousands of unmanaged APIs with Cequence Security's API Spyder

Large Mobile Phone Carrier Discovers Thousands of Unmanaged and Insecure APIs

Large Mobile Phone company, one of the nation’s largest carriers, needed a complete and accurate understanding of its entire API footprint to ensure visibility and control over mission‑critical API applications. Cequence Security — already protecting the company with API Sentinel and Bot Defense — introduced its new API Spyder (part of the Unified API Protection solution) to discover and inventory every public‑facing API regardless of where it was hosted.

Cequence Security ran API Spyder to crawl and map the carrier’s attack surface, providing continuous discovery and a dashboard for immediate alerts on new APIs; the tool revealed thousands of unmanaged APIs and more than 1,000 API servers not protected by any API security solution. The engagement found measurable issues — over 18% of servers were non‑production and exposed, 5 API apps with Log4J vulnerabilities, SSL problems on over 30% of API servers, and 107 exposed files — delivering full API visibility, removal of security blind spots, and automated ongoing protection via Cequence Security.