Français
Deutsch
Español
Italiano
Português
日本語
한국어
Русский
CS Pharmaceuticals snaps up AxeroVision to shore up ophthalmology portfolio
May 26, 2023Genetic risk, adherence to healthy lifestyle and acute cardiovascular and thromboembolic complications following SARS
Feb 03, 2024Erika Jayne denies Ozempic use, credits menopause for weight loss
Apr 02, 2024Browning Named to Watch Lists at Punter and Kicker
Jul 29, 2023How to Build a Successful API Strategy
Jul 23, 2023Akamai unveils API Security solution to stop API attacks, detect abuse
Aug 18, 2023The solution works with any API gateway, WAAP, or cloud implementation and features a managed threat hunting service.
Cloud security vendor Akamai has announced the release of API Security, a product built to stop application programming interface (API) attacks and detect business logic abuse inside APIs. Akamai's stand-alone API Security solution compliments its existing App & API Protector (AAP) solution, and is a result of the firm's acquisition of API security company Neosec. It works with any API gateway, web application and API protection (WAAP), or cloud implementation. API Security provides visibility into API activity using behavioral analytics to detect threats, and it analyzes historical data uniquely stored in a data lake, Akamai said.
APIs are used to access and query data as well as perform activities such as enrichment and data modifications as part of processes. This means the APIs themselves must be secured as well as the data that is flowing through them. Growing use of APIs gives attackers more ways to break authentication controls, exfiltrate data, or perform disruptive acts, while the traditional approaches to web application security often don't apply to API security.
APIs made the headlines last year when 9.8 million Optus customers had personal information stolen and ransomed due to a publicly exposed API that did not require authentication. Meanwhile, Twitter, T-Mobile, and a law enforcement app all had API vulnerabilities that exposed data.
API attackers targeting financial services and insurance APIs have become increasingly active, with a 244% increase in unique attackers between the first and second halves of last year, according to the 2023 State of API Security for Financial Services and Insurance report from Salt Security. What's more, 92% of financial/insurance respondents said they have experienced a significant security issue in production APIs over the past year, and nearly one out of five have suffered an API security breach. Meanwhile, 71% of respondents said their existing tools are not very effective in preventing API attacks.
Akamai's new API Security offering delivers API discovery, visibility, and risk auditing combined with detection and response capabilities that enable full investigation and threat hunting, the firm said in a press release. It features Shadow Hunt, a managed threat hunting service that delivers machine learning signals to human analysts for investigation, Akamai said.
The combination of Akamai's AAP solution and new API Security offering also gives customers:
Akamai customers can also take advantage of edge connector, an integration that helps save the time, energy, and cost of product integration, the firm said.
API growth triggering increasing attacks, security risksAkamai API security solution features managed threat hunting service