Cequence Security Unified API Protection enables security teams to protect their APIs
At RSA Conference 2022, Cequence Security announced the Unified API Protection solution, a new approach that helps security teams discover, detect and defend APIs.
While many companies today are using the term “API security” to describe their offerings, these solutions often handle only a few of the many functions actually needed to protect APIs end to end and from becoming a source of vulnerability that can be used as an attack vector. A new mindset, a new category, and a true end-to-end solution was needed, and this is where Unified API Protection comes in.
The company also announced the release of API Spyder, an API attack surface discovery tool that provides security teams with an attacker’s view of their publicly exposed APIs and resources. With the addition of API Spyder, Cequence Security now offers the most complete end-to-end solution for the full API Protection lifecycle on the market.
By stopping attacks without disrupting good traffic, security teams deploying the Cequence Unified API Protection solution enable their organizations to increase revenues, lower service delivery costs, and improve user experience across all their API-enabled applications. And they relieve the anxiety and costs of unknown risk because they eliminate previously unprotected and unmitigated API security and compliance exposures.
The Cequence Unified API Protection solution improves visibility and protection while reducing cost, minimizing fraud, business abuse, data losses, and non-compliance while creating attack futility, failure, and fatigue for even the most relentless of attackers.
“APIs are a double-edged sword. On one edge APIs are the currency of business exchange driving innovation and commerce. On the other they are open doorways for attackers, often implemented without security oversight or baseline best practices and standards and are now the number one threat surface under attack,” said Ameya Talwalkar, co-founder & CEO of Cequence Security. “With the addition of API Spyder to Cequence Security’s technology portfolio, we are now protecting companies from losses across the entire API lifecycle with the industry’s first Unified API Protection Solution.”
A new, modern approach to successfully protect APIs
Unified API Protection is different from fragmented or incomplete API security offerings because it’s a methodology designed to account for multiple types of risk, offer autonomous discovery and more importantly, provide native inline resolution without relying on third parties. These solutions are based on three functional pillars:
- Discover: New API Spyder, an agentless API attack surface discovery tool that provides security teams with an attacker’s view of their publicly exposed APIs and resources.
- Detect: API Sentinel enables security teams to discover and track their APIs; assess and remediate risks to eliminate coding errors that can lead to data loss and business disruption.
- Defend: Bot Defense enables security teams to protect their APIs from the full range of automated API attacks and eliminate bot-induced business impacts such as infrastructure cost overruns, site outages, skewed sales analytics, and brand damage from lost, frustrated customers.
Continuous protection for ubiquitous API connectivity
By providing continuous, real-time, end-to-end API risk discovery, detection and defense, the Cequence Unified API Threat Protection solution is able to allow IT teams to deliver secure business connectivity without stress, worry, or lost efficiency.
This solution can:
- Deliver visibility of the full runtime API inventory, including risk and compliance states.
- Monitor suspicious and malicious traffic, as well as risky changes to any API.
- Respond to threats in real-time with stealthy blocking and native mitigation, while also cutting down on false positives and manual intervention.
The solution delivers this state of API protection without getting in the way of development or operations efforts, so the whole organization is united in working more securely, even as new APIs continue to roll out.