CIO Influence
CIO Influence News Security

Akamai Announces API Security Product To Protect APIs From Business Abuse And Data Theft

Akamai Announces API Security Product To Protect APIs From Business Abuse And Data Theft

Akamai Technologies, Inc.the cloud company that powers and protects life online, announced the availability of API Security, a product that stops application programming interface (API) attacks and detects business logic abuse inside APIs. In addition, Akamai‘s API Security discovers, audits and monitors API activity using behavioral analytics to rapidly respond to threats and abuse.

API security has become a critical concern for organizations as API attacks continue to grow.A recent State of the Internet report by Akamai noted that 2022 was a record year for application and API attacks.Once an API has been authorized by a web application and API protection (WAAP) product, security teams have no visibility into its use within the organization.Malicious actors are aware of this blind spot and have shifted to abusing the vast API attack surface.

CIO INFLUENCE: CIO Influence Interview with Antoine Jebara, Co-Founder and GM, MSP Products at JumpCloud

Akamai‘s stand-alone API Security solution is a result of Akamai‘s acquisition of Neosec, announced in April of this year.It works with any API gateway, WAAP or cloud implementation. Akamai customers can also take advantage of edge connector, an integration that saves the time, energy, and cost of product integration with the click of a button.

The API Security product provides complete visibility into API activity, uses behavioral analytics to detect complex threats and improves detections by analyzing historical data uniquely stored in a data lake. The offering delivers API discovery, visibility and risk auditing combined with detection and response capabilities that enable full investigation and threat hunting. With API Security’s differentiating Shadow Hunt threat hunting managed service, machine learning signals are delivered to human analysts for investigation. Users can see their APIs, which means they can ensure protection by recording API activity, detecting any possible breaches and keeping customer data safe.

Akamai‘s API Security helps us with discovering and monitoring our critical APIs for all applications,” said Stan LeeCISO of Earnin, a financial technology company.“It helps us to improve compliance and risk management while enabling business process agility and outcomes.”

CIO INFLUENCE: CIO Influence Interview with Herb Kelsey, Federal CTO at Dell Technologies

“Recent breaches have painfully revealed the necessity of API security solutions. Preventing API-based attacks by guarding endpoints and checking credentials is no longer sufficient,” said Rupesh ChokshiSenior Vice President and General Manager, Application Security at Akamai.Akamai‘s API Security gives organizations the ability to monitor API behavior in any platform or gateway to ensure that business processes are running smoothly and securely.”

Forrester Research recently noted the importance of API security in light of recent attacks.“API security is the hot app-sec tool of 2023. APIs made front-page news in 2022 when 9.8 million Optus customers had personal information stolen and ransomed due to a publicly exposed API that did not require authentication. Optus wasn’t the only one: TwitterT-Mobile, and a law enforcement app all had API vulnerabilities that exposed data.The good news is that global security decision-makers reported that API security adoption rose from 2020 to 2022 and shows no signs of slowing.

API Security complements Akamai‘s existing App & API Protector (AAP) solution. Together, they deliver the most comprehensive global protection, combining enterprise-wide visibility, behavioral analysis of API activity and prevention of attacks and abuse.This joint strategy enables:

  • Broader discovery to see APIs on and off the Akamai content delivery network
  • Layered detections that are both signature-based and behavioral.
  • Customized responses to block threats in-line or remediate issues.
  • All of these protections benefit from easy deployment in one control center. Plus, they “check the box” on both OWASP Top 10 vulnerability lists and ensure access to API threat hunting expertise.

CIO INFLUENCE: Top Challenges for CTOs in 2023

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

GrammaTech CodeSentry 4.0 Enables Developers to Identify Security Vulnerabilities Hidden in Third Party Code

CIO Influence News Desk

Xignite Introduces New ETFs Cloud API

Federal Transit Administration Selects ICF for $10 Million in IT Modernization Services