ThreatX Introduced Quick Start Program for API Protection

ThreatX has introduced the API Protection Quick Start Program, which is designed to aid organizations in better protecting their APIs by quickly deploying real-time protection against botnet, DDoS, and complex, multi-mode attacks.

APIs are a gold mine for attackers because they allow applications to share data and are increasingly being used to streamline communication between consumers and business partners. As a result, API adoption has outpaced security teams’ ability to protect against threats, leaving the connected systems vulnerable. While some vendor offerings claim to provide complete API security, they frequently lack bot protection and real-time blocking capabilities, leaving customers vulnerable to threats.

Billy Toomey, Vice President of Sales at ThreatX commented, “We’ve seen firsthand that security teams are struggling to understand how to protect their organization’s APIs against real-time threats, and they’re often trying to do so with scarce time, resources, and human power. We’re thrilled to launch this program, and are confident it will empower small, midsized, and enterprise customers to begin building their API security programs with the full support of ThreatX SOC.”

ThreatX Quick Start program helps businesses get started with API protection by allowing them to build their API security program without putting their resources at risk. The program provides real-time monitoring and blocking of API attacks, allowing protection without the need for additional tools or attack data that must be analyzed after the fact. The fully managed program offers customers support from ThreatX Security Operations Center (SOC), which offers 24/7 coverage and expertise.

Neosec Launched ShadowHunt For API Security

Neosec launched ShadowHunt, a managed threat hunting service staffed by experts, to supplement its platform with human oversight from active threat hunters to identify the most hidden and obfuscated API abuse. Neosec’s SaaS platform discovers all APIs, analyzes their behavior, audits risk, and eliminates threats lurking within. It brings together security and development teams to protect modern applications at scale from threats.

Neosec applies threat hunting techniques like those used in EDR and XDR to API security. ShadowHunt provides security teams with the assurance that API security experts are investigating unusual behavior on their API estate.

Giora Engel, co-founder and chief executive officer of Neosec, stated, “The increasing potential for insiders or attackers to utilize business APIs for criminal or malicious gain requires a new level of scrutiny and sophistication. The new ShadowHunt service augments our platform with an expert team to monitor API usage and hunt for fraud, abuse, or critical vulnerabilities without any drain on an organization’s existing security team.”

Organizations can manage the growing risk of manipulation, theft, and misuse of core business systems, assets, and data by combining the ShadowHunt service with the Neosec cloud-based platform. Because APIs are increasingly used to connect important business systems to customers, suppliers, and partners, the service is ideal for companies where security teams are understaffed or lack the expertise required to identify threats in business API traffic.

The Neosec platform handles API vulnerabilities by automatically and continuously identifying all APIs in use by a company, assessing their risk posture, and monitoring user behavioral anomalies that could involve data theft or other misuses. Most businesses do not have a complete API inventory, let alone an understanding of the nature of typical API usage. The ShadowHunt service can now supplement the use of the Neosec platform with a team of experts to respond quickly to findings, investigate potential threats, and recommend immediate remediation and actions.

The ShadowHunt service and the Neosec platform work together to provide a quick way to incorporate full monitoring and investigation of anomalous business API usage without interfering with existing security operations or team workload. The combination can quickly and transparently add protection against vulnerability exploits and API business abuse.

API Security Should Be Your Priority in 2022

API security represents the application of any security best practice to APIs, which are widely used in modern applications. API security encompasses API access control and privacy, as well as the detection and remediation of API-related attacks such as API reverse engineering and the exploitation of API vulnerabilities.

Whether an application focuses on consumers or anyone else, the client side (mobile app or web app) interacts with the server side via an Application Programming Interface (API). APIs make it simple for a developer to create a client-side app. APIs enable microservice architectures as well.

An attack on an API could include bypassing the client-side application to disrupt the operation of an application for other users or to compromise private information. API security is concerned with securing this application layer and addressing what might happen if a malicious hacker interacts with the API.

According to Infosecurity Outlook, “by 2023, API abuses will be the most common attack vector resulting in data breaches for enterprise web applications. To avoid these attacks, it is best to take a continuous approach throughout the API development and delivery cycle, designing security into APIs.”

Features of API Security

API security is concerned with securing the APIs that you expose directly or indirectly. It is less concerned with the APIs you use that are provided by third parties, though analyzing outgoing API traffic can provide valuable insights, which should be used whenever possible.

It’s also worth noting that API security as a practice involves several teams and systems. API security includes network security concepts like rate limiting and throttling, as well as data security, identity-based security, and monitoring.

Technology advancements such as cloud services, API gateways, and integration platforms enable API providers to secure APIs in novel ways. The technology stack you use to build your APIs has an impact on how secure they are.

Larger organizations have different departments, and they can develop their own applications using their own APIs. Large organizations also end up with multiple API stacks or API silos because of mergers and acquisitions.

As we know, API security requirements can be directly mapped to the technology of a single silo when all your APIs are contained within it. In the future, these security configurations should be portable enough to be extracted and mapped to another technology.

However, in heterogeneous environments, API security rules are typically defined using API security-specific infrastructure that operates across these API silos. The connectivity between API silos and API security infrastructure can be achieved by using sidecars, sideband agents, and APIs integrated between cloud and on-premises deployments.

API Discovery

There are numerous barriers that prevent security operatives from having full visibility into all APIs exposed by their organization. API silos reduce API visibility by providing only a subset of APIs under disconnected governance.

API discovery is a tussle between API providers and hackers who will easily exploit the APIs once discovered. API traffic metadata can be used to locate APIs before they are discovered by attackers. This information is extracted from API gateways, load balancers, or directly from inline network traffic, and then fed into a specialized engine that generates a list of APIs that can be compared to API management layer catalogues.
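The comparison described above can be sketched as follows. This is an added example, not code from any product named on this page; the log format, the catalogue contents and the function names are assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample of gateway access-log lines: method, path, status.
SAMPLE_LOG = """\
GET /v1/users/1842 200
GET /v1/users/977 200
POST /v1/orders 201
GET /v1/orders/5f1c2a9e-3b7d-4e21-9c55-0a1b2c3d4e5f 200
GET /internal/export/users?format=csv 200
GET /v0/users/12/tokens 200
GET /v1/users/55 404
"""

# Constructed catalogue, as it might be exported from an API management layer.
CATALOGUE = {
    ("GET", "/v1/users/{id}"),
    ("POST", "/v1/orders"),
    ("GET", "/v1/orders/{id}"),
    ("DELETE", "/v1/orders/{id}"),
}

_UUID = re.compile(r"^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$", re.I)


def normalise(path):
    """Collapse a concrete request path into an endpoint template."""
    path = path.split("?", 1)[0]          # query strings do not define endpoints
    parts = []
    for seg in path.strip("/").split("/"):
        # Numeric and UUID segments are treated as resource identifiers.
        parts.append("{id}" if seg.isdigit() or _UUID.match(seg) else seg)
    return "/" + "/".join(parts)


def observed_endpoints(log_text):
    """Count calls per (method, template) that the backend actually served."""
    seen = Counter()
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue                       # skip malformed lines
        method, path, status = fields
        # Only 2xx/3xx responses prove that something answers at this path.
        if status.startswith(("2", "3")):
            seen[(method.upper(), normalise(path))] += 1
    return seen


def compare(log_text, catalogue):
    """Return (shadow, unused): served but uncatalogued, catalogued but unseen."""
    seen = observed_endpoints(log_text)
    shadow = {ep: n for ep, n in seen.items() if ep not in catalogue}
    unused = sorted(catalogue - set(seen))
    return shadow, unused


if __name__ == "__main__":
    shadow, unused = compare(SAMPLE_LOG, CATALOGUE)
    for (method, template), hits in sorted(shadow.items()):
        print(f"undocumented: {method} {template} ({hits} hits)")
    for method, template in unused:
        print(f"catalogued but not seen in traffic: {method} {template}")
```

Endpoints in the first list are candidates for governance review; the second list often points to deprecated routes that can be retired.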

OAuth and API Access Control

To limit API resources to only those users who should be able to access them, the user, as well as any applications acting on their behalf, must be identified. This is typically accomplished by requiring client-side applications to include a token in API calls to the service, which can then validate that token and retrieve user information from it. OAuth is the standard that describes how a client-side application first obtains an access token. OAuth defines numerous grant types to accommodate different flows and user experiences.

API Data Governance and Privacy Protection

API leaks occur because data flows through APIs. As a result, API security must also include inspecting the structured data flowing into and out of your APIs and enforcing rules at the data layer.

Because data in your API traffic is structured predictably, inspecting API traffic is an excellent way to enforce data security. API data governance, in addition to [yes/no] type rules, allows you to transform the structured data in your API traffic in real time for redaction purposes. This pattern is commonly used to redact specific fields that may contain information that a user’s privacy settings dictate should be hidden from the requesting application.
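A minimal version of this pattern, combining a yes/no rule with field-level redaction driven by privacy settings. This is an added example, not code from the original article; the field paths, setting names and the `govern` function are hypothetical.

```python
REDACTED = "[REDACTED]"

# Hypothetical policy: JSON field path -> privacy setting that must be True
# before the field may be released to the requesting application.
FIELD_POLICY = {
    "user.email": "share_email",
    "user.phone": "share_phone",
    "user.addresses[].street": "share_address",
}

# Yes/no rule: if any of these fields appears, the whole response is blocked.
DENY_FIELDS = {"user.password_hash"}


class ResponseBlocked(Exception):
    """Raised when a response contains a field that must never leave the API."""


def _walk(node, path, settings):
    if isinstance(node, dict):
        out = {}
        for key, value in node.items():
            field = f"{path}.{key}" if path else key
            if field in DENY_FIELDS:
                raise ResponseBlocked(field)
            needed = FIELD_POLICY.get(field)
            # Default deny: a missing privacy setting counts as "do not share".
            if needed is not None and not settings.get(needed, False):
                out[key] = REDACTED
            else:
                out[key] = _walk(value, field, settings)
        return out
    if isinstance(node, list):
        # List items share one path, written with a "[]" suffix.
        return [_walk(item, path + "[]", settings) for item in node]
    return node


def govern(response, settings):
    """Return a redacted copy of `response`; the original is left untouched."""
    return _walk(response, "", settings)


# Constructed sample response and privacy settings.
SAMPLE_RESPONSE = {
    "user": {
        "id": 7,
        "email": "a@example.test",
        "phone": "+15550100",
        "addresses": [{"street": "1 Main St", "city": "Springfield"}],
    }
}

if __name__ == "__main__":
    print(govern(SAMPLE_RESPONSE, {"share_email": True}))
```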

API Threat Identification

API threat detection is a logical extension of general threat protection measures. APIs, for example, are frequently protected by a firewall, which provides some basic security. APIs are sometimes protected by a web application firewall (WAF). A WAF may scan API traffic to detect signature-based threats such as SQL injections and other injection attacks. API gateways also play a role in API-specific threat detection. A gateway may impose a strict schema on the way in as well as general input sanitization. In addition to acting as a policy enforcement point, it will look for deep nesting patterns, and XML bombs, and apply rate limits.
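The gateway-side checks named above (rate limit, nesting depth, strict schema) can be combined into one admission function. This is an added example rather than any vendor's implementation; the limits, the schema for a hypothetical order endpoint and all names are assumptions.

```python
import json

MAX_DEPTH = 8                  # assumed policy value
MAX_BODY_BYTES = 64 * 1024     # assumed policy value
REQUIRED = {"sku": str, "quantity": int}   # hypothetical strict schema


def nesting_depth(raw):
    """Deepest {} / [] nesting in a JSON text, found without parsing it.

    Running this before json.loads means a deeply nested body is rejected
    before the parser spends memory or recursion on it.
    """
    depth = deepest = 0
    in_string = escaped = False
    for ch in raw:
        if in_string:
            if escaped:
                escaped = False
            elif ch == "\\":
                escaped = True
            elif ch == '"':
                in_string = False
        elif ch == '"':
            in_string = True
        elif ch in "{[":
            depth += 1
            deepest = max(deepest, depth)
        elif ch in "}]":
            depth -= 1
    return deepest


class TokenBucket:
    """Per-client rate limiter: `rate` tokens per second, up to `burst`."""

    def __init__(self, rate, burst, now=0.0):
        self.rate, self.burst = rate, burst
        self.tokens, self.stamp = float(burst), now

    def allow(self, now):
        elapsed = now - self.stamp
        self.tokens = min(self.burst, self.tokens + elapsed * self.rate)
        self.stamp = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False


def admit(raw_body, bucket, now):
    """Return (status, reason) for one request body from one client."""
    if not bucket.allow(now):
        return (429, "rate limit exceeded")
    if len(raw_body.encode()) > MAX_BODY_BYTES:
        return (413, "body too large")
    if nesting_depth(raw_body) > MAX_DEPTH:
        return (400, "nesting too deep")
    try:
        doc = json.loads(raw_body)
    except ValueError:
        return (400, "malformed JSON")
    # Strict schema: exactly the expected keys, nothing extra.
    if not isinstance(doc, dict) or set(doc) != set(REQUIRED):
        return (400, "unexpected or missing fields")
    for key, typ in REQUIRED.items():
        if type(doc[key]) is not typ:      # exact type, so True is not an int
            return (400, f"bad type for {key}")
    return (200, "ok")


if __name__ == "__main__":
    bucket = TokenBucket(rate=1, burst=2)
    deep = '{"a":' + "[" * 50 + "]" * 50 + "}"   # constructed hostile body
    print(admit('{"sku": "A1", "quantity": 2}', bucket, 0.0))
    print(admit(deep, bucket, 0.0))
    print(admit('{"sku": "A1", "quantity": 2}', bucket, 0.0))
```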

API Analytics and Behaviour

An AI engine can build models for what normal API traffic looks like using API traffic metadata and then use this model to look for anomalous behavior. These anomalies can aid in the detection of ongoing attacks, but they can also indicate system misbehaviors and other non-malicious disruptions to your services, such as friendly fire. Such a layer can pinpoint the source of this attack or misbehavior by analyzing API traffic metadata, and this information can then be used to cease the incident in progress and fix it.
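A simplified version of this idea, added here as an example that is not part of the original article: it uses a robust statistical baseline (median and median absolute deviation) in place of an AI model, and the event format, client names and threshold are assumptions.

```python
from collections import defaultdict
from statistics import median


def per_minute_counts(events):
    """Map (client, endpoint) -> {minute: number of calls}."""
    counts = defaultdict(lambda: defaultdict(int))
    for minute, client, endpoint in events:
        counts[(client, endpoint)][minute] += 1
    return counts


def modified_z(history, value):
    """Modified z-score of `value` against `history`, based on median and MAD."""
    med = median(history)
    mad = median(abs(x - med) for x in history)
    if mad == 0:
        return 0.0 if value == med else float("inf")
    return 0.6745 * (value - med) / mad


def find_anomalies(baseline_events, live_events, threshold=3.5):
    """Flag call-rate spikes and callers that have no baseline at all."""
    base = per_minute_counts(baseline_events)
    live = per_minute_counts(live_events)
    alerts = []
    for key, minutes in live.items():
        history = list(base.get(key, {}).values())
        for minute, n in sorted(minutes.items()):
            if not history:
                alerts.append((minute, *key, n, "no baseline"))
            elif modified_z(history, n) > threshold:   # spikes only
                alerts.append((minute, *key, n, "rate spike"))
    return alerts


def sample_baseline():
    """Constructed metadata: two clients, 10 to 12 calls a minute for 30 minutes."""
    events = []
    for minute in range(30):
        for client in ("app-1", "app-2"):
            events += [(minute, client, "GET /v1/users/{id}")] * (10 + minute % 3)
    return events


def sample_live():
    """Constructed minute 30: app-2 spikes, app-3 appears for the first time."""
    return ([(30, "app-1", "GET /v1/users/{id}")] * 11
            + [(30, "app-2", "GET /v1/users/{id}")] * 90
            + [(30, "app-3", "GET /internal/export")])


if __name__ == "__main__":
    for alert in sorted(find_anomalies(sample_baseline(), sample_live())):
        print(alert)
```

Each alert carries the client and endpoint, which is the information needed to trace the source; whether the cause is an attack or a misbehaving internal job still has to be decided by a person or a later stage.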

Conclusion

APIs are highly regarded targets for malicious actors and are expected to become the primary attack vector. APIs require a dedicated approach to security and compliance due to the critical role they play in digital transformation and the access to internal sensitive data and systems they provide.

Noname Security and BlueFort Security Collaborate to Provide Proactive API Security

Noname Security, a leader in application programming interface (API) security and BlueFort Security, the UK’s largest provider of cybersecurity solutions, have announced a strategic partnership agreement. The Noname API Security Platform is the only solution that addresses all three pillars of API security: API Posture Management, API Runtime Security, and Secure API Software Development Life Cycle (SDLC).

VP EMEA at Noname Security, Dirk Marichal stated, “Partnering with BlueFort is an excellent fit for us given the team’s expertise as a cyber security partner providing valuable technical expertise and hands-on support to businesses across the UK. BlueFort’s service offerings are highly evolved and built upon solid skill sets and subject matter expertise, making the partnership a natural choice in a fast-moving technology area where users need guidance, thought leadership and innovation. The Noname API Security platform will help BlueFort customers mitigate risks, prevent attacks, and keep business APIs secure.” 

The strategic collaboration with Noname will add to BlueFort’s already extensive cybersecurity offerings, which are based on carefully chosen partnerships, intelligence, and knowledge to create innovative, end-to-end IT security solutions to protect BlueFort customers’ environments. The Noname API Security Platform will also provide API vulnerability scanning as part of BlueFort Evolve, a cyber-focused services package designed to provide enhanced support, additional incident response resources, and specialist technical and professional services to help internal IT teams improve their security posture.

Customers of BlueFort will have significant exposure to the Noname API Security Platform as part of the partnership agreement, which will allow them to proactively secure their environments against API security vulnerabilities, misconfigurations, and design flaws, as well as provide API attack protection with automated detection and response.

The Noname API Security Platform can connect to any environment and seamlessly interacts with an organization’s existing technological stack, in addition to addressing the whole API security scope. It is the only API security platform that supports both SaaS and on-premises deployments, as well as API testing before production, allowing customers to uncover risks early in the API software development lifecycle.

The CEO of Sales & Marketing at BlueFort Security, Dave Henderson, commented, “We are pleased to be able to offer BlueFort customers access to the most powerful, complete, and easy-to-use API security platform – both as a standalone solution and as part of our value-add BlueFort Evolve offering. IT discovery is now a top priority for CISOs, who are faced with securing an ever-expanding attack surface in an increasingly hostile global threat environment. Noname Security provides a complete view of API security and helps CISOs proactively secure their environments from vulnerabilities and misconfiguration. This strategic partnership reflects our shared ethos of providing innovative solutions that focus on addressing fast-evolving security challenges across all market sectors.”

ThreatX Collaborates with Distology

ThreatX enables enterprises to detect and respond to sophisticated threats to their APIs and web applications by combining AI and machine learning capabilities along with comprehensive managed services. ThreatX has announced a partnership with Distology which is a leading cloud security distributor in the United Kingdom and other European markets. ThreatX will be able to deliver its API protection platform and managed services at scale through this partnership with Distology. ThreatX will gain from Distology’s extensive outreach, knowledge, and strong relationships covering the United Kingdom, Ireland, and Benelux markets.

Dave Howell, CMO at ThreatX commented, “Distology will jumpstart ThreatX’s expansion into the U.K. and neighboring European markets. When choosing partners, Distology identifies and evaluates products that it considers to be ‘best of breed,’ and our solution meets, and exceeds, these criteria. We are thrilled to offer our solution in both new and existing markets as we continue to build upon our tremendous start to 2022.”

ThreatX’s success is strong, and the partnership with Distology is evidence of that: the company reported record-breaking growth in the first quarter of calendar 2022 alone, with record new business bookings and increased average revenue per customer. In addition, the company recently expanded and improved its API protection capabilities to provide customers with better protection and visibility into their API attack surface.

Billy Toomey, VP of Sales, ThreatX stated, “Distology is one of the most thoughtful and strategic security software distributors I’ve encountered. Rather than focus on transactional relationships, the Distology team builds deep, and meaningful, partnerships centered on solving customer problems. I’m excited for our partnership and believe this is truly a win-win for both companies, as Distology offers its partners the unique ability to help customers both identify and stop attacks on APIs in real-time.”

ThreatX’s API protection platform protects APIs from all threats, including DDoS attempts, bot attacks, API abuse, exploitation of known vulnerabilities, and zero-day attacks. ThreatX protects APIs for businesses in every industry around the world effectively and efficiently.

Cequence Security Collaborates with Software AG

The industry leader in API security, Cequence Security, has established a significant collaboration with Software AG, the software pioneer of the truly globalized world. The integration of the Cequence API Security Platform with Software AG’s webMethods Gateway will provide enterprise security teams with an end-to-end API security solution.

Larry Link, President and CEO of Cequence Security, commented, “Research has shown a drastic uptick in data breaches and attacks targeted at APIs over the past year, and our mission is to give enterprises an easy button for all things API security-related through strategic integrations. We’re thrilled to partner with Software AG to extend their capabilities and carry out our dual mission to enable enterprises to successfully grow their revenue without the fear of API attacks.”

APIs have become the foundation of services, allowing companies to use a more sequential development technique in which apps are published and upgraded more frequently. Customers can use the Software AG webMethods Gateway to manage their APIs centrally, implement access controls, and minimize volumetric traffic spikes. The Cequence API Security Platform is the only solution today that natively mitigates API threats in real-time, complementing and extending the webMethods capabilities with holistic API attack surface area discovery, misuse, and attack detection.

Organizations have traditionally depended on perimeter security services to secure their APIs. This tendency has shifted: between July and December 2021, Cequence Security stopped over 80% of cyberattacks aimed at APIs. This connection will give security teams additional visibility into how the webMethods Gateway’s security features are being used, as well as more information on the demands put on their APIs, allowing them to identify and halt threats before they have a negative effect on the organization.

General Manager API, Integration & Microservices, Software AG, Suraj Kumar stated, “We are very excited to partner with Cequence Security to better address the growing need for enhanced API security in today’s digital business climate. Their comprehensive API security platform combines visibility and risk assessment to protect and prevent sophisticated attacks. Together with Software AG’s API management capabilities, our new partnership with Cequence Security will help organizations discover and better protect their APIs against all types of threats.”

Nokia Launches New SaaS applications

iSIM Secure Connect and AVA Network Data Analytics Function are two new software-as-a-service (SaaS) solutions launched by Nokia for mobile carriers and companies.

The new services, which are focused on security, data, and monetization, build on Nokia’s current SaaS business to enable telecoms service providers (CSPs) and enterprises to increase their value by transitioning to a subscription-based, old-school, cost-effective model.

Nokia’s new SaaS solution, iSIM Secure Connect, allows CSPs and companies to manage eSIM and iSIM-enabled device registrations in a secure and medium-term manner. It also integrates all components of the eSIM / iSIM management process seamlessly, allowing services linked to a reliable digital identification system to be monetized.

The company’s second product combines AI and analytics which is a virtualization and automation (AVA) solution. Nokia AVA Network Data Analytics Function (NWDAF) offers analytics on the network edge, leverages 3GPP compliant analytics services, and promotes software development interactions because of its distributed architecture and open APIs.

To generate greater returns, automation of artificial intelligence (AI) and machine learning (ML) helps improve network performance and customer experience.

Regarding commercial releases, Nokia said its AVA NWDAF service would be available later this quarter with a SaaS delivery model. iSIM Secure Connect is scheduled to launch as SaaS later this year. However, other shipping options will continue to be available to customers.

Keeper Secrets Manager, the First Zero-Trust, Zero-Knowledge and Cloud-Native Solution for Securing Infrastructure Secrets

Keeper Security, a global leading provider of zero-trust and zero-knowledge cybersecurity software that includes password management, dark web monitoring, digital file storage, and messaging, has launched Keeper Secrets Manager, a new cloud-based, zero-knowledge solution for securing infrastructure secrets such as API keys, certificates, database passwords, access keys, and other types of private information.

“Over 80% of successful data breaches involve compromised credentials, and to a cybercriminal, the most desirable credentials are the ones with full access to an organization’s most sensitive data. Yet these highly sensitive and privileged credentials are almost always hardcoded into source code, CI/CD systems or config files. Keeper Secrets Manager enables organizations to protect these ‘hidden’ credentials across all of its infrastructure,” says Darren Guccione, CEO and Co-founder of Keeper Security.

Keeper Secrets Manager is a completely managed and cloud-based security solution that leverages an innovative patent-pending security architecture. Keeper’s top-rated enterprise password management (EPM) technology also uses the same zero-knowledge security methodology. Keeper Secrets Manager seamlessly integrates into nearly any data environment without requiring additional hardware or cloud-hosted infrastructure, whereas competing secrets management solutions require customers to buy special hardware, install a proxy service, or use a specific cloud services provider. It integrates with a range of DevOps tools out of the box, including GitHub Actions, Kubernetes, Ansible, and others.

“Fast and seamless integration into organizations’ existing tech stacks is where Keeper Secrets Manager shines. Organizations can get Keeper Secrets Manager up and running in about 20 minutes, which is less than the time it would take just to download competing solutions’ appliances.  Keeper Secrets Manager is an elegant and secure solution for managing infrastructure secrets, without any added complexity, maintenance or security issues,” notes Craig Lurey, CTO and Co-founder of Keeper Security.

Keeper Secrets Manager is a logical complement to Keeper Enterprise Password Management (EPM). Keeper’s Advanced Reporting and Alerts Module (ARAM), BreachWatch, Webhooks, SIEM connectivity, and compliance tools are all integrated within the Keeper Web Vault, Desktop App, and Admin Console.

Data Theorem Releases Industry’s First Active Protection Suite with Observability and Runtime Defense

Data Theorem, Inc., a global leading provider of modern application security, announced the industry’s first Active Protection package, which includes observability and runtime defense and provides comprehensive security for API, mobile, modern web, cloud, and serverless (Lambda) functions.

To prevent data breaches, organisations today require technologies that are specifically designed for securing modern application stacks. Runtime AppSec technologies in the past (WAFs, RASPs, EDRs) were unable to cover crucial sections of modern application stacks like cloud-native applications. Traditional web application firewalls (WAFs), runtime application self-protection (RASPs), and endpoint detection and response (EDR) agents cannot secure serverless applications with APIs, such as AWS Lambda. This is due to the lack of readily available operating systems for agent installation, as well as the absence of typical network perimeters with ingress/egress points. Data Theorem’s whole product suite now includes runtime protections and observability, addressing security gaps in modern application exposures typical in cloud-native stacks.

Data Theorem is the first to provide full stack security for current modern apps, starting with the client layer (mobile and web), protecting the network layer (REST and GraphQL APIs), and extending all the way down to the underlying infrastructure (cloud services).

“Data Theorem’s Active Protection is the first in the industry to provide comprehensive security across today’s modern application stacks. Application environments are more dynamic when leveraging cloud services requiring increased telemetry. Organizations need to discover their growing attack surfaces as their cloud adoption grows. We are not aware of any other vendor delivering active protection runtime defenses and observability across cloud-native, mobile, modern web, and serverless applications,” said Doug Dooley, Data Theorem COO.

Data Theorem’s extensive AppSec portfolio secures companies against data breaches with application security testing and protection for modern web frameworks, API-driven microservices, and cloud resources. Its solutions are driven by the company’s award-winning Analyzer Engine, which utilizes a unique sort of dynamic and run-time analysis that is completely implemented into the CI/CD process and allows enterprises to undertake continuous, automated security inspection and remediation.

Synopsys and The Chertoff Group Partner to Provide Policy-Driven Software Security Solutions

Synopsys, Inc. announced a new partnership with The Chertoff Group, a worldwide advisory services company that offers security expertise, technology insight, and policy intelligence to help clients build resilient organizations, gain a competitive edge, and drive growth.

When it comes to helping clients make more secure software faster, Synopsys joins forces with leading solution providers around the world. A strategic partnership with The Chertoff Group will enable companies to deliver cutting-edge application security solutions and help clients gain confidence in their software investments. Clients can now benefit from the advisory services of The Chertoff Group and the application security domain expertise of Synopsys to ensure that cloud migration and digital transformation projects run smoothly.

“The Chertoff Group’s partnership with Synopsys is powerful because it combines market-leading software security and cyber risk management capabilities. As we’ve learned from the spate of disruptive technology supply chain compromises, organizations must unify their approach to product security with enterprise cyber defense. By combining The Chertoff Group’s cyber risk capabilities with Synopsys’ software security expertise, we help clients overcome that compounded challenge,” said David London, a managing director at The Chertoff Group.

“Organizations are increasingly realizing that software risk equates to business risk. This is a central focus of the partnership between Synopsys and The Chertoff Group, which was born out of a desire to educate organizations on policies and standards and how they can be directly applied to development and deployment teams,” said Tom Herrmann, vice president of channels and alliances at the Synopsys Software Integrity Group.