New security tools are proactively protecting APIs built with GraphQL, before attacks against them become more commonplace.