From 348ff22f13a1626cb457faa43f4f963bfa24355c Mon Sep 17 00:00:00 2001
From: Sarah Chen <sarah.chen6@gmail.com>
Date: Wed, 18 Jun 2025 17:53:26 -0400
Subject: [PATCH] Revert "Enable API Security by default (#8511)"

This reverts commit 2885767d121f2364d8be50b8bfb8931a2a1ea81f.
---
 .../src/main/java/datadog/trace/api/ConfigDefaults.java         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dd-trace-api/src/main/java/datadog/trace/api/ConfigDefaults.java b/dd-trace-api/src/main/java/datadog/trace/api/ConfigDefaults.java
index 7468bf0de96..c389eccbd95 100644
--- a/dd-trace-api/src/main/java/datadog/trace/api/ConfigDefaults.java
+++ b/dd-trace-api/src/main/java/datadog/trace/api/ConfigDefaults.java
@@ -113,7 +113,7 @@ public final class ConfigDefaults {
   static final int DEFAULT_APPSEC_TRACE_RATE_LIMIT = 100;
   static final boolean DEFAULT_APPSEC_WAF_METRICS = true;
   static final int DEFAULT_APPSEC_WAF_TIMEOUT = 100000; // 0.1 s
-  static final boolean DEFAULT_API_SECURITY_ENABLED = true;
+  static final boolean DEFAULT_API_SECURITY_ENABLED = false;
   static final float DEFAULT_API_SECURITY_SAMPLE_DELAY = 30.0f;
   // TODO: change to true once the RFC is approved
   static final boolean DEFAULT_API_SECURITY_ENDPOINT_COLLECTION_ENABLED = false;