Case Study - Escape - The API Security Blog

<!DOCTYPE html> <html lang="en"> <head> <title>Case Study - Escape - The API Security Blog</title> <meta charset="utf-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta name="HandheldFriendly" content="True" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <style> :root { --button-bg-color: #ffffff; --button-text-color: var(--color-darkgrey); } </style> <link rel="preconnect" href="https://fonts.googleapis.com"> <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin> <link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&family=Inter:wght@400;500;600;700&display=swap"> <link rel="stylesheet" type="text/css" href="/blog/assets/built/screen.css?v=bdd0505571" /> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/themes/prism-tomorrow.min.css" integrity="sha512-vswe+cgvic/XBoF1OcM/TeJ2FW0OofqAVdCZiEYkd6dwGXthvkSFWOoGGJgS2CW70VK5dQM5Oh+7ne47s74VTg==" crossorigin="anonymous" referrerpolicy="no-referrer" /> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/tocbot/4.12.3/tocbot.css"> <link rel="icon" href="https://escape.tech/blog/content/images/size/w256h256/2021/09/ESCAPE-LOGO-28-07-2021-08_1000.png" type="image/png"> <link rel="canonical" href="https://escape.tech/blog/tag/case-study/"> <meta name="referrer" content="no-referrer-when-downgrade"> <meta property="og:site_name" content="Escape - The API Security Blog"> <meta property="og:type" content="website"> <meta property="og:title" content="Case Study - Escape - The API Security Blog"> <meta property="og:description" content="Learn about GraphQL security, API security, performance, testing, and building production-ready APIs with the ecosystem's latest tools and best practices."> <meta property="og:url" content="https://escape.tech/blog/tag/case-study/"> <meta property="og:image" content="https://escape.tech/blog/content/images/2022/01/ESCAPE-LOGO-28-07-2021-02-copy-2.png"> <meta name="twitter:card" content="summary_large_image"> <meta name="twitter:title" content="Case Study - Escape - The API Security Blog"> <meta name="twitter:description" content="Learn about GraphQL security, API security, performance, testing, and building production-ready APIs with the ecosystem's latest tools and best practices."> <meta name="twitter:url" content="https://escape.tech/blog/tag/case-study/"> <meta name="twitter:image" content="https://escape.tech/blog/content/images/2022/01/ESCAPE-LOGO-28-07-2021-02-copy-2.png"> <meta name="twitter:site" content="@EscapeTechHQ"> <meta property="og:image:width" content="1200"> <meta property="og:image:height" content="437"> <script type="application/ld+json"> { "@context": "https://schema.org", "@type": "Series", "publisher": { "@type": "Organization", "name": "Escape - The API Security Blog", "url": "https://escape.tech/blog/", "logo": { "@type": "ImageObject", "url": "https://escape.tech/blog/content/images/2022/05/escape-logo.0e6d59f.svg", "width": 141, "height": 36 } }, "url": "https://escape.tech/blog/tag/case-study/", "name": "Case Study", "mainEntityOfPage": "https://escape.tech/blog/tag/case-study/" } </script> <meta name="generator" content="Ghost 5.109"> <link rel="alternate" type="application/rss+xml" title="Escape - The API Security Blog" href="https://escape.tech/blog/rss/"> <script defer src="https://cdn.jsdelivr.net/ghost/portal@~2.49/umd/portal.min.js" data-i18n="true" data-ghost="https://escape.tech/blog/" data-key="0e4cafc1e55c09b1ec7809b460" data-api="https://escape.tech/blog/ghost/api/content/" data-locale="en" crossorigin="anonymous"></script><style id="gh-members-styles">.gh-post-upgrade-cta-content, .gh-post-upgrade-cta { display: flex; flex-direction: column; align-items: center; font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, Cantarell, 'Open Sans', 'Helvetica Neue', sans-serif; text-align: center; width: 100%; color: #ffffff; font-size: 16px; } .gh-post-upgrade-cta-content { border-radius: 8px; padding: 40px 4vw; } .gh-post-upgrade-cta h2 { color: #ffffff; font-size: 28px; letter-spacing: -0.2px; margin: 0; padding: 0; } .gh-post-upgrade-cta p { margin: 20px 0 0; padding: 0; } .gh-post-upgrade-cta small { font-size: 16px; letter-spacing: -0.2px; } .gh-post-upgrade-cta a { color: #ffffff; cursor: pointer; font-weight: 500; box-shadow: none; text-decoration: underline; } .gh-post-upgrade-cta a:hover { color: #ffffff; opacity: 0.8; box-shadow: none; text-decoration: underline; } .gh-post-upgrade-cta a.gh-btn { display: block; background: #ffffff; text-decoration: none; margin: 28px 0 0; padding: 8px 18px; border-radius: 4px; font-size: 16px; font-weight: 600; } .gh-post-upgrade-cta a.gh-btn:hover { opacity: 0.92; }</style> <script defer src="https://cdn.jsdelivr.net/ghost/sodo-search@~1.5/umd/sodo-search.min.js" data-key="0e4cafc1e55c09b1ec7809b460" data-styles="https://cdn.jsdelivr.net/ghost/sodo-search@~1.5/umd/main.css" data-sodo-search="https://escape.tech/blog/" data-locale="en" crossorigin="anonymous"></script> <script defer src="https://cdn.jsdelivr.net/ghost/announcement-bar@~1.1/umd/announcement-bar.min.js" data-announcement-bar="https://escape.tech/blog/" data-api-url="https://escape.tech/blog/members/api/announcement/" crossorigin="anonymous"></script> <link href="https://escape.tech/blog/webmentions/receive/" rel="webmention"> <script defer src="/blog/public/cards.min.js?v=bdd0505571"></script> <link rel="stylesheet" type="text/css" href="/blog/public/cards.min.css?v=bdd0505571"> <script defer src="/blog/public/member-attribution.min.js?v=bdd0505571"></script><style>:root {--ghost-accent-color: #09134b;}</style> <script id="userled-sdk-snippet"> window.userledSettings={app_id:"21ef73bb-cd0a-4f2b-a193-fa051a5974a1"},window.userledSnippetTs=(new Date).getTime(),(function(){if(!window.Userled){window.Userled=function(){return e.call(arguments)};var e=window.Userled;e.call=function(n){return new Promise((function(i,d){e.queue.push([].concat.apply([i,d],n))}))},e.queue=[],e.snippetVersion="4.0.0",window.Userled("page")}})(); </script> <script id="userled-sdk" type="module" src="https://sdk.userledclient.io?appId=21ef73bb-cd0a-4f2b-a193-fa051a5974a1&snippetVersion=4.0.0" data-cfasync="false"></script>  <script async src="https://www.googletagmanager.com/gtag/js?id=UA-234004425-1"></script> <script> window.dataLayer = window.dataLayer || []; function gtag() { dataLayer.push(arguments); } gtag('js', new Date()); gtag('config', 'UA-234004425-1'); </script>  <script async src="https://www.googletagmanager.com/gtag/js?id=G-0KYN4GPPPE"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-0KYN4GPPPE'); </script> <script> var gh_white_logo = 'https://escape.tech/assets/escape-logo.png'; </script>  <script async src="https://www.googletagmanager.com/gtag/js?id=G-5FTS8Y5Z4N"></script> <script> window.dataLayer = window.dataLayer || []; function gtag() { dataLayer.push(arguments); } gtag('js', new Date()); gtag('config', 'G-5FTS8Y5Z4N'); </script> <script> (function (w, d, s, l, i) { w[l] = w[l] || []; w[l].push({ 'gtm.start': new Date().getTime(), event: 'gtm.js' }); var f = d.getElementsByTagName(s)[0], j = d.createElement(s), dl = l != 'dataLayer' ? '&l=' + l : ''; j.async = true; j.src = 'https://www.googletagmanager.com/gtm.js?id=' + i + dl; f.parentNode.insertBefore(j, f); })(window, document, 'script', 'dataLayer', 'GTM-MDMBJH6V'); </script>   <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= 'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','data layer,'GTM-MLMM8LHP');</script>  <script> var gh_white_logo = 'https://escape.tech/assets/escape-logo.png'; </script>  <script src="https://cdn.usefathom.com/script.js" data-site="WIHBBNEH" defer></script>   <script type="application/ld+json"> { "@context": "https://schema.org", "@type": "BreadcrumbList", "itemListElement": [{ "@type": "ListItem", "position": 1, "name": "Home", "item": "https://escape.tech/" },{ "@type": "ListItem", "position": 2, "name": "Blog", "item": "https://escape.tech/blog" }] } </script>  <style> .container.large { max-width: calc(750px + 8vw); } </style> <script> var gh_white_logo = "https://i.ibb.co/cx8zN47/ESCAPE-LOGO-28-07-2021-02.png" </script>  <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/prism/1.25.0/themes/prism.min.css" integrity="sha512-tN7Ec6zAFaVSG3TpNAKtk4DOHNpSwKHxxrsiw4GHKESGPs5njn/0sMCUMl2svV4wo4BK/rCP7juYz+zx+l6oeQ==" crossorigin="anonymous" referrerpolicy="no-referrer" /> <style> .gh-head { position: -webkit-sticky; /* Older Safari browsers */ position: sticky; /* Most other modern browsers including Safari */ top: 0; z-index: 4000; } /* Shine Case study style */ #strongshine-chose-escape-to-enhance-its-application-security-achieve-a-thorough-inventory-of-their-apis-and-help-developers-fix-issues-quicklystrong, #within-a-week-shine-covered-four-applications-accounting-for-300-endpoints-this-rapid-coverage-led-to-the-discovery-and-fixing-of-at-least-strong2-critical-vulnerabilities-in-less-than-24-hours-post-discoverystrong { width: 65%; font-size: 30px; color: #01e2b7; } @media (max-width: 640px) { #strongshine-chose-escape-to-enhance-its-application-security-achieve-a-thorough-inventory-of-their-apis-and-help-developers-fix-issues-quicklystrong, #within-a-week-shine-covered-four-applications-accounting-for-300-endpoints-this-rapid-coverage-led-to-the-discovery-and-fixing-of-at-least-strong2-critical-vulnerabilities-in-less-than-24-hours-post-discoverystrong { width: 90%; font-size: 1.2em; } } #strongstart-securing-your-apis-for-freestrong { margin-bottom: 0.5em; } .kg-header-card a.kg-header-card-button { display: inline-block !important; padding: 20px 16.5px !important; font-size: 1.4rem !important; font-size: 20px !important; line-height: 0.325em !important; color: #1a1b3d !important; background-color: #05e2b7 !important; border-radius: 6px !important; } </style> </head> <body class="tag-template tag-case-study has-sans-body"> <div class="viewport"> <header id="gh-head" class="gh-head"> <nav class="gh-head-inner inner gh-container"> <div class="gh-head-brand"> <a class="gh-head-logo" href="https://escape.tech/blog"> <img width="140" src="https://escape.tech/blog/content/images/2022/05/escape-logo.0e6d59f.svg" alt="Escape - The API Security Blog" /> </a> <div class="mobile-cta-container"> <a style="border-radius: 100px; background-color: #05e2b7; color: #1a1b3d; margin-right: 0; font-weight: 700; font-size: 1.4rem; padding: 12px 18px 13px;" href="https://calendly.com/d/46g-xzy-dgw?utm_source=navbar&utm_medium=blog">Get a demo</a> </div> <a class="gh-burger" role="button"> <div class="gh-burger-box"> <div class="gh-burger-inner"></div> </div> </a> </div> <div class="gh-head-menu"> <ul class="nav"> <li class="nav-escape-platform"><a href="https://escape.tech">Escape Platform</a></li> <li class="nav-case-studies"><a href="https://escape.tech/blog/tag/case-study/">Case studies</a></li> <li class="nav-best-practices"><a href="https://escape.tech/blog/tag/best-practices/">Best Practices</a></li> <li class="nav-events"><a href="https://escape.tech/blog/tag/events/">Events</a></li> <li class="nav-community"><a href="https://join.slack.com/t/escapecommunity/shared_invite/zt-2cpklvqqv-m_h4fzlZhSatxcrxetf3Fg">Community</a></li> </ul> <div class="gh-head-actions"> <a class="try-for-free-button" href="https://calendly.com/d/46g-xzy-dgw?utm_source=navbar&utm_medium=blog">Get a demo</a> <button class="gh-search-icon" aria-label="search" data-ghost-search style="display: inline-flex; justify-content: center; align-items: center; width: 32px; height: 32px; border: 0; color: inherit; background-color: transparent; cursor: pointer; outline: none; margin-left: 4px;"> <svg width="20" height="20" fill="none" viewBox="0 0 24 24"><path d="M14.949 14.949a1 1 0 0 1 1.414 0l6.344 6.344a1 1 0 0 1-1.414 1.414l-6.344-6.344a1 1 0 0 1 0-1.414Z" fill="currentColor"/><path d="M10 3a7 7 0 1 0 0 14 7 7 0 0 0 0-14Zm-9 7a9 9 0 1 1 18 0 9 9 0 0 1-18 0Z" fill="currentColor"/></svg> </button> </div> </div> </nav> </header> <div class="site-content"> <main id="site-main" class="site-main outer"> <div class="inner posts"> <div class="post-feed"> <section class="post-card post-card-large"> <div class="post-card-content"> <div class="post-card-content-link"> <header class="post-card-header"> <div class="post-card-primary-tag">Tagged</div> <h2 class="post-card-title">Case Study</h2> </header> <div class="post-card-excerpt"> <p> A collection of 6 posts </p> </div> </div> </div> </section> <article class="post-card post tag-case-study "> <a class="post-card-image-link" href="/blog/case-study-how-escape-helps-the-french-football-federation/"> <img class="post-card-image" srcset="/blog/content/images/size/w300/2024/07/case-study-fff-en.png 300w, /blog/content/images/size/w600/2024/07/case-study-fff-en.png 600w, /blog/content/images/size/w1000/2024/07/case-study-fff-en.png 1000w, /blog/content/images/size/w2000/2024/07/case-study-fff-en.png 2000w" sizes="(max-width: 1000px) 400px, 800px" src="/blog/content/images/size/w600/2024/07/case-study-fff-en.png" alt="Case Study: How Escape helps the French Football Federation secure the development of its online services" loading="lazy" /> </a> <div class="post-card-content"> <a class="post-card-content-link" href="/blog/case-study-how-escape-helps-the-french-football-federation/"> <header class="post-card-header"> <div class="post-card-primary-tag">Case Study</div> <h2 class="post-card-title">Case Study: How Escape helps the French Football Federation secure the development of its online services</h2> </header> <div class="post-card-excerpt"> <p>Discover how Escape secures the development of the online services of the French Football Federation.</p> </div> </a> <footer class="post-card-meta"> <ul class="author-list"> <li class="author-list-item"> <a href="/blog/author/alexandra/" class="static-avatar"> <img class="author-profile-image" src="/blog/content/images/size/w100/2023/09/profile.jpeg" alt="Alexandra Charikova" loading="lazy" /> </a> </li> </ul> <div class="post-card-byline-content"> <span class="post-card-byline-author"><a href="/blog/author/alexandra/">Alexandra Charikova</a></span> <span class="post-card-byline-date"><time datetime="2024-07-04">Jul 4, 2024</time> <span class="bull">•</span> 3 min read</span> </div> </footer> </div> </article> <article class="post-card post tag-case-study "> <a class="post-card-image-link" href="/blog/etude-de-cas-comment-escape-aide-fff-securiser-developpement/"> <img class="post-card-image" srcset="/blog/content/images/size/w300/2024/07/case-study-fff.png 300w, /blog/content/images/size/w600/2024/07/case-study-fff.png 600w, /blog/content/images/size/w1000/2024/07/case-study-fff.png 1000w, /blog/content/images/size/w2000/2024/07/case-study-fff.png 2000w" sizes="(max-width: 1000px) 400px, 800px" src="/blog/content/images/size/w600/2024/07/case-study-fff.png" alt="脡tude de cas : Comment Escape aide la F茅d茅ration Fran莽aise de Football 脿 s茅curiser le d茅veloppement de ses services en ligne" loading="lazy" /> </a> <div class="post-card-content"> <a class="post-card-content-link" href="/blog/etude-de-cas-comment-escape-aide-fff-securiser-developpement/"> <header class="post-card-header"> <div class="post-card-primary-tag">Case Study</div> <h2 class="post-card-title">脡tude de cas : Comment Escape aide la F茅d茅ration Fran莽aise de Football 脿 s茅curiser le d茅veloppement de ses services en ligne</h2> </header> <div class="post-card-excerpt"> <p>La F茅d茅ration Fran莽aise de Football (FFF) est l'instance dirigeante du football en France, supervisant tous les aspects du sport, des niveaux amateurs aux ligues professionnelles. Pour accomplir sa mission de promotion et de d茅veloppement du football, la FFF s'appuie sur des plateformes num茅riques et des API</p> </div> </a> <footer class="post-card-meta"> <ul class="author-list"> <li class="author-list-item"> <a href="/blog/author/alexandra/" class="static-avatar"> <img class="author-profile-image" src="/blog/content/images/size/w100/2023/09/profile.jpeg" alt="Alexandra Charikova" loading="lazy" /> </a> </li> </ul> <div class="post-card-byline-content"> <span class="post-card-byline-author"><a href="/blog/author/alexandra/">Alexandra Charikova</a></span> <span class="post-card-byline-date"><time datetime="2024-07-02">Jul 2, 2024</time> <span class="bull">•</span> 3 min read</span> </div> </footer> </div> </article> <article class="post-card post tag-case-study "> <a class="post-card-image-link" href="/blog/case-study-how-sungage-financial-improved-their-application-security-within-1-week/"> <img class="post-card-image" srcset="/blog/content/images/size/w300/2024/06/Partner--Customer--1-.png 300w, /blog/content/images/size/w600/2024/06/Partner--Customer--1-.png 600w, /blog/content/images/size/w1000/2024/06/Partner--Customer--1-.png 1000w, /blog/content/images/size/w2000/2024/06/Partner--Customer--1-.png 2000w" sizes="(max-width: 1000px) 400px, 800px" src="/blog/content/images/size/w600/2024/06/Partner--Customer--1-.png" alt="Case Study: How Sungage Financial improved their application security within 1 week" loading="lazy" /> </a> <div class="post-card-content"> <a class="post-card-content-link" href="/blog/case-study-how-sungage-financial-improved-their-application-security-within-1-week/"> <header class="post-card-header"> <div class="post-card-primary-tag">Case Study</div> <h2 class="post-card-title">Case Study: How Sungage Financial improved their application security within 1 week</h2> </header> <div class="post-card-excerpt"> <p>Sungage Financial chose Escape's API security solution to secure their new GraphQL APIs. Escape鈥檚 easy setup, actionable remediation, and GraphQL support enabled comprehensive risk evaluation and swift vulnerability fixes, enhancing security and efficiency.</p> </div> </a> <footer class="post-card-meta"> <ul class="author-list"> <li class="author-list-item"> <a href="/blog/author/mia/" class="static-avatar"> <img class="author-profile-image" src="/blog/content/images/size/w100/2024/06/Mia--1-.png" alt="Mia Berthier" loading="lazy" /> </a> </li> </ul> <div class="post-card-byline-content"> <span class="post-card-byline-author"><a href="/blog/author/mia/">Mia Berthier</a></span> <span class="post-card-byline-date"><time datetime="2024-06-11">Jun 11, 2024</time> <span class="bull">•</span> 3 min read</span> </div> </footer> </div> </article> <article class="post-card post tag-case-study tag-api-inventory tag-shift-left tag-ci-cd featured "> <a class="post-card-image-link" href="/blog/case-study-how-lightspeed-ensures-full-security-compliance-with-escape/"> <img class="post-card-image" srcset="/blog/content/images/size/w300/2023/10/escape-lightspeed.png 300w, /blog/content/images/size/w600/2023/10/escape-lightspeed.png 600w, /blog/content/images/size/w1000/2023/10/escape-lightspeed.png 1000w, /blog/content/images/size/w2000/2023/10/escape-lightspeed.png 2000w" sizes="(max-width: 1000px) 400px, 800px" src="/blog/content/images/size/w600/2023/10/escape-lightspeed.png" alt="Case Study: How Lightspeed ensures full security compliance with Escape" loading="lazy" /> </a> <div class="post-card-content"> <a class="post-card-content-link" href="/blog/case-study-how-lightspeed-ensures-full-security-compliance-with-escape/"> <header class="post-card-header"> <div class="post-card-primary-tag">Case Study</div> <h2 class="post-card-title">Case Study: How Lightspeed ensures full security compliance with Escape</h2> </header> <div class="post-card-excerpt"> <p>Lightspeed, a technology partner to more than 160,000 global retail and hospitality businesses, has recently transitioned to a centralized payments model and adopted GraphQL APIs as a cornerstone of its operations. GraphQL allowed Lightspeed to improve both efficiency and flexibility in data retrieval, resulting in better overall system performance.</p> </div> </a> <footer class="post-card-meta"> <ul class="author-list"> <li class="author-list-item"> <a href="/blog/author/alexandra/" class="static-avatar"> <img class="author-profile-image" src="/blog/content/images/size/w100/2023/09/profile.jpeg" alt="Alexandra Charikova" loading="lazy" /> </a> </li> </ul> <div class="post-card-byline-content"> <span class="post-card-byline-author"><a href="/blog/author/alexandra/">Alexandra Charikova</a></span> <span class="post-card-byline-date"><time datetime="2023-11-09">Nov 9, 2023</time> <span class="bull">•</span> 3 min read</span> </div> </footer> </div> </article> <article class="post-card post tag-case-study tag-api-inventory tag-shift-left tag-ci-cd tag-hash-landing-cards featured "> <a class="post-card-image-link" href="/blog/case-study-shine/"> <img class="post-card-image" srcset="/blog/content/images/size/w300/2023/10/shine-escape-case-study.png 300w, /blog/content/images/size/w600/2023/10/shine-escape-case-study.png 600w, /blog/content/images/size/w1000/2023/10/shine-escape-case-study.png 1000w, /blog/content/images/size/w2000/2023/10/shine-escape-case-study.png 2000w" sizes="(max-width: 1000px) 400px, 800px" src="/blog/content/images/size/w600/2023/10/shine-escape-case-study.png" alt="Case Study: How Escape enhanced Shine's application security" loading="lazy" /> </a> <div class="post-card-content"> <a class="post-card-content-link" href="/blog/case-study-shine/"> <header class="post-card-header"> <div class="post-card-primary-tag">Case Study</div> <h2 class="post-card-title">Case Study: How Escape enhanced Shine's application security</h2> </header> <div class="post-card-excerpt"> <p>Shine is the online banking subsidiary of Soci茅t茅 G茅n茅rale, one of the leading financial services groups in Europe. Specifically designed for professionals with a commitment to innovation and customer satisfaction, Shine offers a range of online banking solutions tailored to the modern user. At the heart of Shine's</p> </div> </a> <footer class="post-card-meta"> <ul class="author-list"> <li class="author-list-item"> <a href="/blog/author/alexandra/" class="static-avatar"> <img class="author-profile-image" src="/blog/content/images/size/w100/2023/09/profile.jpeg" alt="Alexandra Charikova" loading="lazy" /> </a> </li> </ul> <div class="post-card-byline-content"> <span class="post-card-byline-author"><a href="/blog/author/alexandra/">Alexandra Charikova</a></span> <span class="post-card-byline-date"><time datetime="2023-10-05">Oct 5, 2023</time> <span class="bull">•</span> 4 min read</span> </div> </footer> </div> </article> <article class="post-card post tag-case-study tag-application-security-case-studies featured "> <a class="post-card-image-link" href="/blog/case-study-thinkific/"> <img class="post-card-image" srcset="/blog/content/images/size/w300/2023/09/escape-thinkific-case-study-2.png 300w, /blog/content/images/size/w600/2023/09/escape-thinkific-case-study-2.png 600w, /blog/content/images/size/w1000/2023/09/escape-thinkific-case-study-2.png 1000w, /blog/content/images/size/w2000/2023/09/escape-thinkific-case-study-2.png 2000w" sizes="(max-width: 1000px) 400px, 800px" src="/blog/content/images/size/w600/2023/09/escape-thinkific-case-study-2.png" alt="Case Study: How Thinkific has achieved enterprise-grade GraphQL security with Escape" loading="lazy" /> </a> <div class="post-card-content"> <a class="post-card-content-link" href="/blog/case-study-thinkific/"> <header class="post-card-header"> <div class="post-card-primary-tag">Case Study</div> <h2 class="post-card-title">Case Study: How Thinkific has achieved enterprise-grade GraphQL security with Escape</h2> </header> <div class="post-card-excerpt"> <p>Thinkific, a leading platform for creating and selling online courses, stands out for its commitment to flexibility and innovation. This dedication to innovative technologies led them to embrace GraphQL APIs as the center of their federated architecture. This system would aim to consolidate multiple existing APIs under one branch. However,</p> </div> </a> <footer class="post-card-meta"> <ul class="author-list"> <li class="author-list-item"> <a href="/blog/author/alexandra/" class="static-avatar"> <img class="author-profile-image" src="/blog/content/images/size/w100/2023/09/profile.jpeg" alt="Alexandra Charikova" loading="lazy" /> </a> </li> </ul> <div class="post-card-byline-content"> <span class="post-card-byline-author"><a href="/blog/author/alexandra/">Alexandra Charikova</a></span> <span class="post-card-byline-date"><time datetime="2023-10-02">Oct 2, 2023</time> <span class="bull">•</span> 4 min read</span> </div> </footer> </div> </article> </div> </div> </main> </div> <footer class="site-footer outer"> <div class="inner"> <section class="copyright"><a href="https://escape.tech/blog">Escape - The API Security Blog</a> © 2025</section> <nav class="site-footer-nav"> <ul class="nav"> <li class="nav-get-a-demo"><a href="https://calendly.com/d/46g-xzy-dgw">Get a demo</a></li> <li class="nav-escapes-proprietary-business-logic-algorithm"><a href="https://escape.tech/blog/escape-proprietary-algorithm/">Escape's proprietary business logic algorithm</a></li> <li class="nav-best-practices"><a href="https://escape.tech/blog/tag/best-practices/">Best Practices</a></li> <li class="nav-case-studies"><a href="https://escape.tech/blog/tag/case-study/">Case Studies</a></li> <li class="nav-learn-how-to-test-your-graphql-apis"><a href="https://escape.tech/blog/testing-your-graphql-api/">Learn how to test your GraphQL APIs</a></li> <li class="nav-grpc-api-security"><a href="https://escape.tech/blog/how-to-secure-grpc-apis/">gRPC API Security</a></li> <li class="nav-how-to-use-graphql-with-postman"><a href="https://escape.tech/blog/getting-started-with-postman-graphql/">How to use GraphQL with Postman</a></li> <li class="nav-graphql-security"><a href="https://escape.tech/blog/tag/graphql/">GraphQL Security</a></li> <li class="nav-graphql-errors"><a href="https://escape.tech/blog/graphql-errors-the-good-the-bad-and-the-ugly/">GraphQL Errors</a></li> <li class="nav-graphql-armor"><a href="https://escape.tech/graphql-armor/">GraphQL Armor</a></li> <li class="nav-escape-community"><a href="https://join.slack.com/t/escapecommunity/shared_invite/zt-2cpklvqqv-m_h4fzlZhSatxcrxetf3Fg">Escape Community</a></li> <li class="nav-about-us"><a href="https://escape.tech/company/">About Us</a></li> <li class="nav-privacy-policy"><a href="https://escape.tech/privacy/">Privacy Policy</a></li> <li class="nav-api-security-academy"><a href="https://escape.tech/academy/">API Security Academy</a></li> <li class="nav-api-gateway-security-best-practices"><a href="https://escape.tech/blog/api-gateway-security/">API Gateway Security Best Practices</a></li> </ul> </nav> </div> </footer> </div> <script src="https://code.jquery.com/jquery-3.5.1.min.js" integrity="sha256-9/aliU8dGd2tb6OSsuzixeV4y/faTqgFtohetphbbj0=" crossorigin="anonymous"> </script> <script src="/blog/assets/built/casper.js?v=bdd0505571"></script> <script> $(document).ready(function () { // Mobile Menu Trigger $('.gh-burger').click(function () { $('body').toggleClass('gh-head-open'); }); // FitVids - Makes video embeds responsive $(".gh-content").fitVids(); }); </script> <script src="https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/prism-core.min.js" integrity="sha512-9khQRAUBYEJDCDVP2yw3LRUQvjJ0Pjx0EShmaQjcHa6AXiOv6qHQu9lCAIR8O+/D8FtaCoJ2c0Tf9Xo7hYH01Q==" crossorigin="anonymous" referrerpolicy="no-referrer"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/plugins/autoloader/prism-autoloader.min.js" integrity="sha512-fTl/qcO1VgvKtOMApX2PdZzkziyr2stM65GYPLGuYMnuMm1z2JLJG6XVU7C/mR+E7xBUqCivykuhlzfqxXBXbg==" crossorigin="anonymous" referrerpolicy="no-referrer"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/tocbot/4.12.3/tocbot.min.js"></script> <script> tocbot.init({ // Where to render the table of contents. tocSelector: '.gh-toc', // Where to grab the headings to build the table of contents. contentSelector: '.gh-content', // Which headings to grab inside of the contentSelector element. headingSelector: 'h1, h2, h3, h4', }); </script>  <noscript ><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-MDMBJH6V" height="0" width="0" style="display: none; visibility: hidden" ></iframe ></noscript>  <script src="https://cdnjs.cloudflare.com/ajax/libs/prism/1.25.0/prism.min.js" integrity="sha512-hpZ5pDCF2bRCweL5WoA0/N1elet1KYL5mx3LP555Eg/0ZguaHawxNvEjF6O3rufAChs16HVNhEc6blF/rZoowQ==" crossorigin="anonymous" referrerpolicy="no-referrer"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/prism/1.25.0/components/prism-yaml.min.js" crossorigin="anonymous" referrerpolicy="no-referrer"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/prism/1.25.0/components/prism-bash.min.js" crossorigin="anonymous" referrerpolicy="no-referrer"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/prism/1.25.0/components/prism-jsx.min.js" crossorigin="anonymous" referrerpolicy="no-referrer"></script>  <script type="text/javascript" id="hs-script-loader" async defer src="//js-eu1.hs-scripts.com/26857953.js"></script>  </body> </html>

CINXE.COM

Case Study - Escape - The API Security Blog