A computerized method for securing an application based on auto-learning and auto-mapping of application services and application programming interfaces (APIs), includes the step of providing a distributed application security mesh system. The method includes the step of implementing a learning mode of the distributed application security mesh system. This includes learning a set of services and a set of APIs that are used by the set of services to interact with each other. The service comprises an application service. This includes creating a record of the set of services. The record comprises a list of services that are currently active in a specified environment of the distributed application security mesh system, and a list of interactions of the services. The method includes the step of implementing an enforcing mode of the distributed application security mesh system. This includes determining that there is a deviation from a state of at least one record of the set of services provided during the learning mode. This includes implementing a mechanism for the review of the deviations by administrators of the systems and updating the learned state or to take an action based on the review.