Cequence Security, the API Protection Innovator, announced at the RSA Conference the Unified API Protection solution, a new approach that helps security teams discover, detect and defend APIs.
While many companies are using the term "API security" to describe their offerings, these solutions often handle only a few of the many functions needed to protect APIs end to end and from becoming a source of vulnerability that can be used as an attack vector. A new mindset, a new category, and a true end-to-end solution where needed, and this is where Unified API Protection comes in.
API Spyder
The company also announced the release of API Spyder, an API attack surface discovery tool that provides security teams with an attacker’s view of their publicly exposed APIs and resources.
With the addition of API Spyder, Cequence Security offers the most complete end-to-end solution for the full API Protection lifecycle on the market.
Unified API Protection solution
The Cequence Unified API Protection solution improves visibility and protection while reducing cost
By stopping attacks without disrupting good traffic, security teams deploying the Cequence Unified API Protection solution enable their organisations to increase revenues, lower service delivery costs and improve user experience across all their API-enabled applications. And they relieve the anxiety and costs of unknown risk because they eliminate previously unprotected and unmitigated API security and compliance exposures.
The Cequence Unified API Protection solution improves visibility and protection while reducing cost, and minimising fraud, business abuse, data losses, and non-compliance while creating attack futility, failure, and fatigue for even the most relentless of attackers.
Unified API Protection Solution
“APIs are a double-edged sword. On one edge APIs are the currency of business exchange driving innovation and commerce. On the other they are open doorways for attackers, often implemented without security oversight or baseline best practices and standards and are now the number one threat surface under attack,” said Ameya Talwalkar, Co-founder & CEO of Cequence Security.
“With the addition of API Spyder to Cequence Security’s technology portfolio, we are now protecting companies from losses across the entire API lifecycle with the industry’s first Unified API Protection Solution.”
A new, modern approach to protecting APIs
Unified API Protection is different from fragmented or incomplete API security offerings because it's a methodology designed to account for multiple types of risk, offers autonomous discovery, and more importantly, provides native inline resolution without relying on third parties.
These solutions are based on three functional pillars:
- Discover: New API Spyder, an agentless API attack surface discovery tool that provides security teams with an attacker’s view of their publicly exposed APIs and resources.
- Detect: API Sentinel enables security teams to discover and track their APIs; assess and remediate risks to eliminate coding errors that can lead to data loss and business disruption.
- Defend: Bot Defense enables security teams to protect their APIs from the full range of automated API attacks and eliminate bot-induced business impacts such as infrastructure cost overruns, site outages, skewed sales analytics, and brand damage from lost, frustrated customers.
Continuous protection for Ubiquitous API Connectivity
By providing continuous, real-time, end-to-end API risk discovery, detection, and defense, the Cequence Unified API Threat Protection solution can allow IT, teams, to deliver secure business connectivity without stress, worry, or lost efficiency. The solution can:
- Deliver visibility of the full runtime API inventory, including risk and compliance states
- Monitor suspicious and malicious traffic, as well as risky changes to any API
- Respond to threats in real-time with stealthy blocking and native mitigation, while also cutting down on false positives and manual intervention
The solution delivers this state of API protection without getting in the way of development or operations efforts, so the whole organisation is united in working more securely, even as new APIs continue to roll out.