About Us

ThreatX Introduced Quick Start Program for API Protection

ThreatX has introduced the API Protection Quick Start Program, which is designed to aid organizations in better protecting their APIs by quickly deploying real-time protection against botnet, DDoS, and complex, multi-mode attacks.

APIs are a gold mine for attackers because they allow applications to share data and are increasingly being used to streamline communication between consumers and business partners. As a result, API adoption has outpaced security teams’ ability to protect against threats, leaving the connected systems vulnerable. While some vendor offerings claim to provide complete API security, they frequently lack bot protection and real-time blocking capabilities, leaving customers vulnerable to threats.

Billy Toomey, Vice President of Sales at ThreatX commented, “We’ve seen firsthand that security teams are struggling to understand how to protect their organization’s APIs against real-time threats, and they’re often trying to do so with scarce time, resources, and human power. We’re thrilled to launch this program, and are confident it will empower small, midsized, and enterprise customers to begin building their API security programs with the full support of ThreatX SOC.”

ThreatX Quick Start program helps businesses get started with API protection by allowing them to build their API security program without putting their resources at risk. The program provides real-time monitoring and blocking of API attacks, allowing protection without the need for additional tools or attack data that must be analyzed after the fact. The fully managed program offers customers support from ThreatX Security Operations Center (SOC), which offers 24/7 coverage and expertise.

Read more articles:

API Security Should Be Your Priority in 2022

Neosec Launched ShadowHunt For API Security

Neosec launched ShadowHunt, a managed threat hunting service staffed by experts, to supplement its platform with human oversight from active threat hunters to identify the most hidden and obfuscated API abuse. Neosec’s SaaS platform discovers all APIs, analyzes their behavior, audits risk, and eliminates threats lurking within. It brings together security and development teams to protect modern applications at scale from threats.

Neosec applies threat hunting techniques like those used in EDR and XDR to API security. ShadowHunt provides security teams with the assurance that API security experts are investigating unusual behavior on their API estate.

Giora Engel, co-founder, and chief executive officer of Neosec stated, “The increasing potential for insiders or attackers to utilize business APIs for criminal or malicious gain requires a new level of scrutiny and sophistication. The new ShadowHunt service augments our platform with an expert team to monitor API usage and hunt for fraud, abuse, or critical vulnerabilities without any drain on an organization’s existing security team.”

Organizations can manage the growing risk of manipulation, theft, and misuse of core business systems, assets, and data by combining the ShadowHunt service with the Neosec cloud-based platform. Because APIs are increasingly used to connect important business systems to customers, suppliers, and partners, the service is ideal for companies where security teams are understaffed or lack the expertise required to identify threats in business API traffic.

The Neosec platform handles API vulnerabilities by automatically and continuously identifying all APIs in use by a company, assessing their risk posture, and monitoring user behavioral anomalies that could involve data theft or other misuses. Most businesses do not have a complete API inventory, let alone an understanding of the nature of typical API usage. The ShadowHunt service can now supplement the use of the Neosec platform with a team of experts to respond quickly to findings, investigate potential threats, and recommend immediate remediation and actions.

The ShadowHunt service and the Neosec platform work together to provide a quick way to incorporate full monitoring and investigation of anomalous business API usage without interfering with existing security operations or team workload. The combination can quickly and transparently add protection against vulnerability exploits and API business abuse.

Read more articles:

API Security Should Be Your Priority in 2022

API Security Should Be Your Priority in 2022

API security represents the application of any security best practice to APIs, which are widely used in modern applications. API security encompasses API access control and privacy, as well as the detection and remediation of API-related attacks such as API reverse engineering and the exploitation of API vulnerabilities.

Whether an application focuses on consumers, or anyone else, the client-side (mobile app or web app) interacts with the server-side via Application Programming Interface (API). APIs make it simple for a developer to create a client-side app. APIs enable microservice architectures as well.

An attack on API could include bypassing the client-side application to disrupt the operation of an application for other users or to compromise private information. API security is concerned with securing this application layer and addressing what might happen if a malicious hacker interacts with the API.

According to Infosecurity Outlook, “by 2023, API abuses will be the most common attack vector resulting in data breaches for enterprise web applications. To avoid these attacks, it is best to take a continuous approach throughout the API development and delivery cycle, designing security into APIs.”

Features of API Security

API security is concerned with securing the APIs that you expose directly or indirectly. API security is less concerned with the APIs you use that are provided by third parties, though analyzing outgoing API traffic, one can get valuable insights that can be used whenever possible.

It’s also worth noting that API security as a practice involves several teams and systems. API security includes network security concepts like rate limiting and throttling, as well as data security, identity-based security, and monitoring.

Technology advancements such as cloud services, API gateways, and integration platforms enable API providers to secure APIs in novel ways. The technology stack you use to build your APIs has an impact on, how secure they are.

Larger organizations have different departments, and they can develop their own applications using their own APIs. Large organizations also end up with multiple API stacks or API silos because of mergers and acquisitions.

As we know, API security requirements can be directly mapped to the technology of a single silo when all your APIs are contained within it. In the future, these security configurations should be portable enough to be extracted and mapped to another technology.

However, in heterogeneous environments, API security rules are typically defined using API security-specific infrastructure that operates across these API silos. The connectivity between API silos and API security infrastructure can be achieved by using the sidecars, sideband agents, and APIs integrated between cloud and on-premises deployments.

API Discovery

There are numerous barriers that prevent security operatives from having full visibility into all APIs exposed by their organization. API silos reduce API visibility by providing only a subset of APIs under disconnected governance.

API discovery is a tussle between API providers and hackers who will easily exploit the APIs once discovered. API traffic metadata can be used to locate APIs before they are discovered by attackers. This information is extracted from API gateways, load balancers, or directly inline network traffic, and then fed into a specialized engine that generates a useful list of APIs that can be compared to API management layer catalogues.

OAuth and API Access Control

To limit API resources to only those users who should be able to access them. The user, as well as any applications acting on their behalf, must be identified. This is typically accomplished by requiring client-side applications to include a token in API calls to the service, which can then validate that token and retrieve user information from it. OAuth is the standard that describes how a client-side application first obtains an access token. OAuth defines numerous grant types to accommodate different flows and user experiences.

API Data Governance and Privacy Protection

API leaks occur because data flows through APIs. As a result, API security must also include inspecting the structured data flowing into and out of your APIs and enforcing rules at the data layer.

Because data in your API traffic is structured predictably, enforcing data security by inspecting API traffic is an excellent choice for this task. API data governance, in addition to [yes/no] type rules, allows you to transform the data structured into your API traffic in real-time for redaction purposes. This pattern is commonly used to redact specific fields that may contain information that a user’s privacy settings dictate should be hidden from the requesting application.

API Threat Identification

API threat detection is a logical extension of general threat protection measures. APIs, for example, are frequently protected by a firewall, which provides some basic security. APIs are sometimes protected by a web application firewall (WAF). A WAF may scan API traffic to detect signature-based threats such as SQL injections and other injection attacks. API gateways also play a role in API-specific threat detection. A gateway may impose a strict schema on the way in as well as general input sanitization. In addition to acting as a policy enforcement point, it will look for deep nesting patterns, and XML bombs, and apply rate limits.

API Analytics and Behaviour

An AI engine can build models for what normal API traffic looks like using API traffic metadata and then use this model to look for anomalous behavior. These anomalies can aid in the detection of ongoing attacks, but they can also indicate system misbehaviors and other non-malicious disruptions to your services, such as friendly fire. Such a layer can pinpoint the source of this attack or misbehavior by analyzing API traffic metadata, and this information can then be used to cease the incident in progress and fix it.

Conclusion

APIs are highly regarded targets for malicious actors and are expected to become the primary attack. APIs require a dedicated approach to security and compliance due to the critical role they play in digital transformation and the access to internal sensitive data and systems they provide.

Read more articles:

What is API Security?

Noname Security and BlueFort Security Collaborate to Provide Proactive API Security

Noname Security, a leader in application programming interface (API) security and BlueFort Security, the UK’s largest provider of cybersecurity solutions, have announced a strategic partnership agreement. The Noname API Security Platform is the only solution that addresses all three pillars of API security: API Posture Management, API Runtime Security, and Secure API Software Development Life Cycle (SDLC).

VP EMEA at Noname Security, Dirk Marichal stated, “Partnering with BlueFort is an excellent fit for us given the team’s expertise as a cyber security partner providing valuable technical expertise and hands-on support to businesses across the UK. BlueFort’s service offerings are highly evolved and built upon solid skill sets and subject matter expertise, making the partnership a natural choice in a fast-moving technology area where users need guidance, thought leadership and innovation. The Noname API Security platform will help BlueFort customers mitigate risks, prevent attacks, and keep business APIs secure.” 

The strategic collaboration with Noname will add to BlueFort’s already extensive cybersecurity offerings, which are based on carefully chosen partnerships, intelligence, and knowledge to create innovative, end-to-end IT security solutions to protect BlueFort customers’ environments. The Noname API Security Platform will also provide API vulnerability scanning as part of BlueFort Evolve, a cyber-focused services package designed to provide enhanced support, additional incident response resources, and specialist technical and professional services to help internal IT teams improve their security posture.

Customers of BlueFort will have significant exposure to the Noname API Security Platform as part of the partnership agreement, which will allow them to proactively secure their environments against API security vulnerabilities, misconfigurations, and design flaws, as well as provide API attack protection with automated detection and response.

The Noname API Security Platform can connect to any environment and seamlessly interacts with an organization’s existing technological stack, in addition to addressing the whole API security scope. It is the only API security platform that supports both SaaS and on-premises deployments, as well as API testing before production, allowing customers to uncover risks early in the API software development lifecycle.

The CEO of Sales & Marketing at BlueFort Security, Dave Henderson, commented, “We are pleased to be able to offer BlueFort customers access to the most powerful, complete, and easy-to-use API security platform – both as a standalone solution and as part of our value-add BlueFort Evolve offering. IT discovery is now a top priority for CISOs, who are faced with securing an ever-expanding attack surface in an increasingly hostile global threat environment. Noname Security provides a complete view of API security and helps CISOs proactively secure their environments from vulnerabilities and misconfiguration. This strategic partnership reflects our shared ethos of providing innovative solutions that focus on addressing fast-evolving security challenges across all market sectors.”

ThreatX Collaborates with Distology

ThreatX enables enterprises to detect and respond to sophisticated threats to their APIs and web applications by combining AI and machine learning capabilities along with comprehensive managed services. ThreatX has announced a partnership with Distology which is a leading cloud security distributor in the United Kingdom and other European markets. ThreatX will be able to deliver its API protection platform and managed services at scale through this partnership with Distology. ThreatX will gain from Distology’s extensive outreach, knowledge, and strong relationships covering the United Kingdom, Ireland, and Benelux markets.

Dave Howell, CMO at ThreatX commented, “Distology will jumpstart ThreatX’s expansion into the U.K. and neighboring European markets. When choosing partners, Distology identifies and evaluates products that it considers to be ‘best of breed,’ and our solution meets, and exceeds, these criteria. We are thrilled to offer our solution in both new and existing markets as we continue to build upon our tremendous start to 2022.”

ThreatX’s success is strong and the partnership with Distology is evident of that, the company reported record-breaking growth in the first quarter of calendar 2022 alone, with record new business bookings and increased average revenue per customer. In addition, the company recently expanded and improved its API protection capabilities to provide customers with better protection and visibility into their API attack surface.

Billy Toomey, VP of Sales, ThreatX stated, “Distology is one of the most thoughtful and strategic security software distributors I’ve encountered. Rather than focus on transactional relationships, the Distology team builds deep, and meaningful, partnerships centered on solving customer problems, I’m excited for our partnership and believe this is truly a win-win for both companies, as Distology offers its partners the unique ability to help customers both identify and stop attacks on APIs in real-time.”

ThreatX’s API protection platform protects APIs from all threats, including DDoS attempts, bot attacks, API abuse, exploitation of known vulnerabilities, and zero-day attacks. ThreatX protects APIs for businesses in every industry around the world effectively and efficiently.

Read more articles:

API Security?

Cloud Security?

 TripActions chooses Salt Security to protect the APIs operating its cloud-based corporate travel management platform

TripActions, the fastest-growing travel and expenditure management platform, has installed the Salt Security API Protection Platform to secure the APIs that underpin its platform, according to Salt Security, the leading API security business. TripActions was able to identify potential API issues and exposed data due to the Salt platform’s ongoing discovery capabilities. The platform has also provided the organization with remediation insights into possible vulnerabilities, which it can employ to strengthen its API security posture.

With the commencement of the COVID-19 epidemic, TripActions, a global leader in corporate travel and spend management, quickly changed operations to adapt to a rapidly evolving travel sector. First, the organization made certain that it could assist clients and their families in returning home safely and quickly. The company then expanded its operations to include a wide range of safety services as well as increased business capabilities including real-time analytics. As a result of these modifications, the company’s API footprint grew quickly. The firm also took advantage of the event to debut TripActions LiquidTM, a new all-in-one travel and spending management system. The company’s push into the FinTech sector is formalized with the development of this platform, which increased the company’s reliance on APIs even further. TripActions is able to assure that its APIs were secure during the development and runtime phases of these extensions and that the protection would scale with the platform’s growth.

“Last year brought a major shift in the needs of our customers, which inspired us to launch creative new services. With APIs as part of the very foundation of TripActions, platform expansion created a broader attack surface, along with the corresponding potential for risk and exposure,” said Tarik Ghbeish, product security engineer, TripActions. “Traditional tooling such as WAFs and gateways are not able to stop API attacks. Salt Security brings unique capabilities to find and stop API attacks. It also provides rich discovery of our APIs and exposed data – all at the comprehensive scale we need.”

The Salt Security API Protection Platform delivers full coverage across all APIs for API-first enterprises, providing valuable analysis, context, and remedial insights needed to defend APIs against attacks. Its patented artificial intelligence (AI) and big data engine can detect early warning signs of an attack, stop attackers in their tracks, and turn attackers into penetration testers, giving useful insights that can be used to identify and eliminate vulnerabilities, preventing sensitive data from being exposed. TripActions has found the Salt platform to be particularly helpful in identifying and safeguarding shadow APIs, detecting attackers, and getting remedial information to help enhance API security posture on a continuous basis.

“TripActions’ innovative capabilities bring corporate travel, finance, billing, and expense management into a single platform. As the company has scaled its applications to meet the demands of the changing business landscape, its platforms – like with most companies driving digital innovation – become increasingly reliant on a quickly growing number of APIs. Many innovators are faced with this challenge of ever-growing API-connected ecosystems, which hackers are increasingly targeting as a lucrative treasure trove. Salt Security makes it possible to stop attackers in their tracks while remediating exposures and vulnerabilities that can emerge when developing application environments to eliminate blind spots and create sustained improvements in an organization’s security program,” said Roey Eliyahu, CEO and co-founder of Salt Security.

Salt Security introduced Salt Labs to increase API Security awareness around the world

Salt Security, the industry’s leading API security firm, announced the launch of Salt Labs, a new public forum for sharing API vulnerability research. Salt Labs will be a resource for organizations wishing to protect infrastructure against API risk through vulnerability and threat research, as well as industry reports. It will also raise public awareness about API security threats, supporting Salt Security’s aim of providing comprehensive API security and accelerating corporate innovation by making APIs attack-proof.

Concerns about API security have become a huge obstacle to company innovation. According to the Salt Security State of API Security Report, 66 percent of companies have put off deploying a new app due to API security concerns. To address these concerns, Salt Labs will publish research and studies that businesses can utilize to strengthen their API security posture and prevent dangers to API-centric enterprises. Salt Labs will focus on offering high-impact threat research, identifying the latest API attack vectors, and giving remediation best practices to make API security programs more agile and actionable, using a strong technical understanding of API risks, security flaws, and misconfigurations.

“APIs represent an important and often overlooked threat vector that presents a range of challenges often not included in research efforts. We look forward to the dividends of the public research efforts of Salt Labs, which will increase our awareness of emerging API risks and help us harden our application environments to better protect both our employees and customers,” said Steve Ward, CISO, The Home Depot.

To date, the private sharing of API threat research findings has emphasized the need for further education about critical API security challenges and vulnerabilities, which are frequently assumed to be mitigated by traditional solutions like Web Application Firewalls (WAFs) and API gateways. Salt Labs’ goal is to improve users’ ability to spot security flaws in their own APIs, allowing them to take strong, proactive steps to harden their APIs and back-end systems. As a result, more businesses will be able to protect and maintain the integrity of sensitive consumer and business-critical data.

“With the growth of APIs and the central role they play in today’s application environments, the need for unbiased, relevant, and reliable research has prompted us to share the groundbreaking API security research that our team has been conducting for years. Salt Labs is dedicated to extending the safety of enterprises as they innovate in our increasingly digital and connected world. By now making this research public, we will increase education around API security and related attack vectors so that organizations of all types can strengthen their API security measures,” said Roey Eliyahu, co-founder and CEO, Salt Security.