# Untested APIs

If an API exists but hasn't undergone security testing, it introduces specific challenges:

1. **Security Blind Spots:** Untested APIs may harbor vulnerabilities or weaknesses that remain undetected, posing a security risk.
2. **Inaccurate Risk Assessment:** Without security testing, the risk assessment may lack crucial insights, potentially leading to misinformed decisions.
3. **Compliance Challenges:** Regulatory compliance often requires thorough security assessments. Untested APIs may create compliance challenges.

**Managing Implications**: Prioritize security assessments, documentation, and collaboration to ensure comprehensive testing and mitigate potential vulnerabilities.

<figure><img src="https://3462681674-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZKwBF6q0tAGXlIih38HL%2Fuploads%2FXFAkMQljArxZCnmvBzPS%2Fimage.png?alt=media&#x26;token=05881a4a-f386-4580-8d09-4024176f6b58" alt=""><figcaption><p>Untested API</p></figcaption></figure>