Escape API Security is an API security platform that provides automated API discovery, documentation, and security testing capabilities from development through production environments. The platform uses a code-to-cloud approach that combines non-invasive API scanning, static API discovery in source code, and native connectors to existing tools. The platform offers agentless API discovery to identify exposed and internal APIs, including shadow APIs, and provides API intelligence that documents APIs, code owners, sensitive data, and exposure levels. It supports security testing for REST, GraphQL, and gRPC APIs through purpose-built Dynamic Application Security Testing (DAST) functionality. The security testing capabilities include detection of business logic flaws, Broken Object Level Authorization (BOLA), and Insecure Direct Object References (IDOR). The platform allows creation of custom rules and tests tailored to specific business flows. It provides compliance reporting for industry benchmarks including OWASP Top 10, PCI DSS, and SOC 2. The platform integrates into CI/CD pipelines for early issue detection and prevention. It includes contextual risk prioritization and scoring to reduce alert fatigue. The platform offers a public API and CLI for workflow automation and custom integrations.