Cequence Security introduces Unified API Protection solution

A modern approach that enables security teams to discover, detect and defend APIs.

Cequence Security has introduced a new approach that helps security teams discover, detect and defend APIs. While many companies today are using the term "API security" to describe their offerings, these solutions often handle only a few of the many functions actually needed to protect APIs end to end and from becoming a source of vulnerability that can be used as an attack vector. A new mindset, a new category, and a true end-to-end solution was needed, and this is where Unified API Protection comes in.

The company also announced the release of API Spyder, an API attack surface discovery tool that provides security teams with an attacker’s view of their publicly exposed APIs and resources. With the addition of API Spyder, Cequence Security now offers the most complete end-to-end solution for the full API Protection lifecycle on the market. Click here to request a free trial of API Spyder today.

By stopping attacks without disrupting good traffic, security teams deploying the Cequence Unified API Protection solution enable their organisations to increase revenues, lower service delivery costs, and improve user experience across all their API-enabled applications. And they relieve the anxiety and costs of unknown risk because they eliminate previously unprotected and unmitigated API security and compliance exposures. The Cequence Unified API Protection solution improves visibility and protection while reducing cost, minimising fraud, business abuse, data losses, and non-compliance while creating attack futility, failure, and fatigue for even the most relentless of attackers.

“APIs are a double-edged sword. On one edge APIs are the currency of business exchange driving innovation and commerce. On the other they are open doorways for attackers, often implemented without security oversight or baseline best practices and standards and are now the number one threat surface under attack,” said Ameya Talwalkar, Co-founder & CEO of Cequence Security. “With the addition of API Spyder to Cequence Security’s technology portfolio, we are now protecting companies from losses across the entire API lifecycle with the industry’s first Unified API Protection Solution.”

A New, Modern Approach to Successfully Protect APIs

Unified API Protection is different from fragmented or incomplete API security offerings because it's a methodology designed to account for multiple types of risk, offers autonomous discovery and more importantly, provides native inline resolution without relying on third parties. These solutions are based on three functional pillars:

• Discover: New API Spyder, an agentless API attack surface discovery tool that provides security teams with an attacker’s view of their publicly exposed APIs and resources.

• Detect: API Sentinel enables security teams to discover and track their APIs; assess and remediate risks to eliminate coding errors that can lead to data loss and business disruption.

• Defend: Bot Defense enables security teams to protect their APIs from the full range of automated API attacks and eliminate bot-induced business impacts such as infrastructure cost overruns, site outages, skewed sales analytics, and brand damage from lost, frustrated customers.

Continuous Protection for Ubiquitous API Connectivity

By providing continuous, real-time, end-to-end API risk discovery, detection and defense, the Cequence Unified API Threat Protection solution is able to allow IT teams to deliver secure business connectivity without stress, worry, or lost efficiency. The solution can:

• Deliver visibility of the full runtime API inventory, including risk and compliance states.

• Monitor suspicious and malicious traffic, as well as risky changes to any API.

• Respond to threats in real-time with stealthy blocking and native mitigation, while also cutting down on false positives and manual intervention.

The solution delivers this state of API protection without getting in the way of development or operations efforts, so the whole organisation is united in working more securely, even as new APIs continue to roll out.

Checkmarx has introduced Checkmarx API Security, the first true “shift-left” API security solution. Building on the launch of Checkmarx Fusion, which prioritizes and correlates vulnerability data from across different AppSec engines, Checkmarx API Security is delivered as part of the industry-leading application security platform Checkmarx One. The developer workflow-oriented solution inventories even shadow and zombie APIs as part of the most comprehensive inventory and remediation solution available to secure the entire API lifecycle.
In expanded collaboration between the two companies, joint DevOps teams will provide an optimised experience across all touchpoints for Vodafone Germany’s customers.
Kong’s API platform streamlines innovation processes to enhance competitive advantage at banking group.
According to a recent research study from Epicor, a resounding 96 percent of organisations surveyed worldwide have confidence in their ability to navigate the early stages of the ERP purchase process, from initial evaluation to requirements planning. However, 48 percent cited a strong need for more support and partnership from their ERP providers during the latter stages of the purchase journey – from implementation, go-live, and ongoing customer care – to ease migration and realise faster time-to-value.
World’s largest software development platform launches innovative new workspace initiative in landmark deal to “fill the gap” in its remote first workforce strategy.
A new survey from leading market research firm IDC reveals that a unified view of digital infrastructure is essential for IT teams that must improve the digital customer experience while boosting overall organizational productivity.
Delphix has launched two new data appliances powered by Dell Technologies. Both appliances are fully engineered software solutions optimized for performance and reliability.
Offering automates cloud-native application security from design to production.