Edgio, the platform of choice for speed, security, and simplicity at the edge announced the availability of its new API Security solution that uses machine learning (ML) to discover and protect enterprise Application Programming Interfaces (APIs) from evolving threats.
Reduces API-specific attacks
The latest addition to Edgio’s Security platform reduces the risk of API-specific attacks and through simple integration with developer workflows enables strong application performance and accelerated application release velocity.
The rapid growth of APIs used to build microservices in cloud-native architectures has left many enterprises in the dark when it comes to knowing where, how many, and what types of APIs they have.
Machine learning
Edgio uses machine learning to inspect both application traffic patterns and content
With multiple teams creating their own API endpoints without shared visibility or governance, exposed APIs can become a critical attack surface for hackers.
Edgio uses ML to inspect both application traffic patterns and content to ensure API endpoints are discovered, managed, and secured.
Global HWPP features
"Edgio’s unique Global Holistic Web Protection Platform (HWPP) features, including its dual WAAP, self-serviceability, SIEM, and SOAR integration options, real-time log delivery, and pricing model are attractive capabilities that differentiate the company from many other market participants,” said Ying Ting Neoh, Cybersecurity Research Analyst at Frost & Sullivan.
Ying Ting Neoh adds, “The latest addition of the new Edgio API Security solution that uses machine learning to discover and protect enterprise APIs from evolving threats, further adds to its differentiation in the security market.”
Increased API abuse
74% of applications scanned in 2023 were found to have a high-severity vulnerability
The launch of the Edgio solution comes at a time when API abuse is on the rise.
According to the Veracode State of Software Security 2023, 74% of applications scanned in 2023 were found to have a high-severity vulnerability.
Integrated and strong protection
“Our new advanced API security capabilities give customers integrated protection at the edge, a critical feature for the modern enterprise,” said Ajay Kapur, CTO and General Manager, Applications, at Edgio.
He adds, “Built natively into our 300+ PoP edge network, the API Security solution provides strong protection for enterprises where and when they need it most, without management complexity and performance degradation.”
Holistic WAAP solution
With its ML-powered API discovery capabilities, enterprises can easily onboard API endpoints
Available immediately to customers worldwide, Edgio is delivering this service as part of its fully integrated, holistic Web Application and API Protection (WAAP) solution for greater visibility with less complexity, giving customers the ability to respond to threats quicker.
With its ML-powered API discovery capabilities, enterprises can easily onboard API endpoints on the Edgio platform via OpenAPI, and enforce encryption, API rate limiting, and other controls across identified APIs without tedious manual processes or bolt-on solutions. This ensures consistent security practices and mitigates the risk of unauthorised access or data breaches from unknown or hidden API endpoints.
API schema validation
In addition, Edgio offers a positive security model via API schema validation to ensure that only API requests with the proper specifications are allowed access while mitigating invalid API requests. APIs rely on structured data formats, such as JSON, to communicate information between systems.
The positive security model allows customers to verify that the data being transmitted adheres to the defined structure and format via standard OpenAPI specs, preventing malformed or unexpected data from causing errors or the exploitation of security vulnerabilities i.e., SQL injection attacks. It also prevents malicious API calls from overloading the application by filtering them out at the point of origin.
Faster testing
The solution allows DevSecOps to test and validate API schema changes in production
As part of Edgio’s Dual WAAP, the solution allows DevSecOps to test and validate API schema changes in production via an additional audit profile to lower the risk of blocking legitimate traffic and decrease the mean time to resolution (MTTR) with faster testing.
Rule changes can be deployed across the entire network in under 60 seconds to close the door on attackers. “With the proliferation of APIs at the heart of today’s digital world, API sprawl is creating new challenges for businesses,” said Kapur.
API discovery and protection
Ajay Kapur continues, “Building API discovery and protection into the Edgio platform helps organisations address their most pressing issue, without costly and time-intensive DIY or third-party approaches."
He concludes, "Edgio helps them discover and manage shadow APIs, ensuring developers follow established API management protocols, and, most critically, ensuring data privacy and protection.”