Ping Identity, the provider of Identity Defined Security, announces that it has made several significant updates to PingIntelligence for APIs, its AI-powered API cybersecurity solution. These latest enhancements include an AI-based cloud trial, the ability to detect new types of attacks, support for Splunk environments, and additional integration with API gateways.
The lack of visibility into how APIs are consumed is becoming commonplace in today’s enterprise environment. In fact, a recent Ping Identity survey conducted among security and IT professionals reveals that 45% of respondents aren’t confident in their organisation’s ability to detect whether a bad actor is accessing their APIs.
Detailed traffic information
Fifty-one percent aren't even assured their security team knows about all of the APIs that exist in the organisation
Fifty-one percent aren't even assured their security team knows about all of the APIs that exist in the organisation. This data illustrates that the people trusted with securing APIs don’t have enough visibility into their activity to identify abuses and attacks, which has contributed to why recent API attacks were not discovered for months. In this latest product update of PingIntelligence for APIs, three important capabilities make protecting APIs, and the data and applications they expose, even more achievable:
PingIntelligence for APIs uses AI and machine learning methods to detect, block and report attacks, as well as deliver detailed traffic information for deep visibility into all API activity—which helps secure APIs and the digital assets they connect. To make it easier for organisations to experience this for themselves, Ping now provides a cloud-based intelligence trial.
Blocking anomalous behaviour
While traditional enterprise security solutions aren’t designed to protect against attacks targeting the unique vulnerabilities APIs present, PingIntelligence for APIs fills these security gaps by detecting, reporting and blocking anomalous behaviour and attacks on each API under its watch. These include attacks on login systems, data theft, remote application control, API-specific DoS/DDoS attacks, stolen credential attacks and more.
This update now extends the ability of PingIntelligence for APIs to stop additional threats, such as data exfiltration over extended periods of time
This update now extends the ability of PingIntelligence for APIs to stop additional threats, such as data exfiltration over extended periods of time, content scraping, and slow login attacks, along with delivering improved bot detection. In addition this release supports sending threat information to Splunk environments, thereby enabling teams to consolidate attack information across their full security spectrum.
Emerging threats
PingIntelligence for APIs enhances the security provided by any API gateway by bringing in AI-based threat detection and blocking to their environments. Adding to its current integrations with PingAccess and Axway AMPLIFY, the Ping solution now integrates with the Apigee Edge platform.
“Ping is helping some of the world’s largest organisations protect against an ever-diversifying landscape of cybersecurity threats, including those against API infrastructures. Many of the recent API abuses and attacks took months and years to detect, further reinforcing the need for IT leaders to build API-security focused teams,” shared Bernard Harguindeguy, CTO, Ping Identity. “As evidenced by the new advancements to our PingIntelligence for APIs solution, we’re committed to delivering even more leading-edge technology to protect our customers’ API infrastructures against these emerging threats.”