Edgio to launch three new features offering advanced protection and greater control for organizations facing emerging cybersecurity challenges
Edgio, the platform of choice for security, speed and simplicity at the edge, announced new security features aimed at giving customers robust controls to secure APIs and mitigate the risks of automated attacks. Edgio’s API security solution is enhanced by the addition of JSON Web Token (JWT) authentication to secure customers’ API endpoints, as well as significant improvements to its Advanced Rate Limiting solution to protect customers from evolving application DDoS threats.
Also Read: What Are APTs? How Enterprises Can Safeguard Against Them
“50% of data theft will be due to unsecured APIs by 2025.”
With the inclusion of JWT validation, Edgio customers can perform authorization of their API requests at the edge, ensuring users are authenticated and have the right access level to perform designated functions on their API endpoints. JWT validation is a critical piece in protecting against broken authentication, an OWASP Top 10 API risk. Gartner also noted last year that “50% of data theft will be due to unsecured APIs by 2025.”
Additionally, this feature allows customers to transition their API Gateway functions from cloud infrastructure to the edge, leveraging Edgio’s ultra-low latency environment to improve the performance and security of API traffic. This enhancement gives customers granular control over API access while providing real time mitigation of attacks closest to where they originated from. This further amplifies the availability and reduces costs for operating mission critical API endpoints.
Edgio also made several significant enhancements to its Advanced Rate Limiting solution, which provides additional controls to protect against a wide range of automated threat use cases including fraud, DDoS, and API abuse. Customers can now track user requests across longer periods of time to detect low and slow DDoS attacks designed to exhaust their resources without a noticeable spike. The ability to incorporate user session and supplemental custom identifiers (in the form of TLS fingerprints) enable customers to shape their application traffic granularly, ensuring accurate detection of advanced persistent attacks and maximizing application uptime during attacks.
Also Read: CIO Influence Interview with Kevin Campbell, CEO at Syniti
Furthermore, the platform will offer response-based rate limiting to arm customers against sophisticated attacks designed to bust cache and generate elevated errors overwhelming their applications. This ability is particularly useful in protecting customers’ APIs and authentication endpoints against credential stuffing or application DDoS attacks. Edgio has been using this technique to successfully mitigate attacks from aggressive DDoS campaigns launched by hacktivist groups during the first year of the war in Ukraine.
“In today’s dynamic threat landscape, empowering organizations with additional control over their defense-in-depth layers is more important than ever,” said Richard Yew, VP of Product Management, Edgio. “Edgio takes pride in offering these new and improved features to combat the surge in automated threats, ensuring our customers enjoy peace of mind and confidence in the security and resiliency of their applications.”
[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]
