CIO Influence
CIO Influence News Security

Neosec Introduces Industry First Expert Managed Threat Hunting Service for Detecting API Abuse

Neosec Introduces Industry First Expert Managed Threat Hunting Service for Detecting and Investigating API Abuse and Vulnerabilities

Neosec threat hunters from the “ShadowHunt” team jumpstart the API Security process quickly and help build the knowledge in today’s overstretched security teams

Neosec, the pioneer in discovering and identifying API threats using behavioral analytics, announced the availability of ShadowHunt, an expert-staffed managed threat hunting service to augment its platform with human oversight from active threat hunters to identify the most clandestine and obfuscated API abuse. Borrowing from threat hunting capabilities in EDR and XDR, Neosec brings similar techniques to API security. ShadowHunt gives security teams peace of mind that API security experts are examining abnormal behavior on their API estate.

Combining the ShadowHunt service with the Neosec cloud-based platform enables organizations to manage the increasing risk to core business systems, assets and data from manipulation, theft or misuse. The service is ideal for companies where security teams are short-staffed or lack the expertise needed to identify threats in business API traffic, because APIs are increasingly used to connect important business systems to customers, suppliers, and partners.

Latest ITechnology News: Computecoin Announces Strategic Partnership with Helium’s Manufacturing Provider Midas Wireless

“The increasing potential for insiders or attackers to utilize business APIs for criminal or malicious gain requires a new level of scrutiny and sophistication,” said Giora Engel, co-founder and chief executive officer, Neosec. “The new ShadowHunt service augments our platform with an expert team to monitor API usage and hunt for fraud, abuse or critical vulnerabilities without any drain on an organization’s existing security team.”

Rather than focusing only on vulnerabilities within APIs, the Neosec platform addresses the problem by first automatically and continually identifying all APIs a company has in use, evaluating their risk posture and monitoring user behavioral anomalies that could involve data theft or other misuse. Most companies lack a complete API  inventory, let alone understand the nature of normal API usage. Few have the ability to monitor their APIs to mitigate loss or detect abuse of business processes, financial assets and data within their APIs. Now, the ShadowHunt service can augment use of the Neosec platform with a team of experts to respond to findings quickly, investigate potential threats and recommend immediate remediation and actions.

Latest ITechnology News: NordLocker Offers CDP as New Report Finds That 90% Of Ransomware Incidents Impact Business’ Ability to Operate

Besides the incidents and alerts provided by the dedicated expert team of threat hunters, the ShadowHunt service also includes a monthly report to summarize findings and investigations performed by the team, news of emerging API threats discovered by Neosec across many different companies and notable changes in the use and operation of APIs currently employed by a company. The service also includes full “Ask the Experts” access to the team of threat hunters.

The ShadowHunt service and the Neosec platform together provide an effective way to quickly incorporate full monitoring and investigation of anomalous business API usage without impacting existing security operations and team workload. The combination can add protection against vulnerability exploits and API business abuse quickly and transparently.

Latest ITechnology News: Contrast Security Makes Enterprise-Class Code Security Testing Tools Available to All Developers for Free

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

CommAgility 5G NR Hardware and Software selected by Shared Spectrum for DoD 5G Project

CIO Influence News Desk

CoreStack and Nirmata Announce Strategic Partnership to Enable Autonomous Security Governance and Compliance for Kubernetes

ScyllaDB Announces NoSQL Database as a Service Now Available on Google Cloud

Leave a Comment