Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label API security. Show all posts
Software
API security Broward Data Breach Cloud based services Cyber Security CyberCrime CyberThreat Encoding IT Infrastructure Malicious actor Operators saaS Software

Securing the SaaS Browser Experience Through Proactive Measures

 


Increasingly, organisations are using cloud-based technologies, which has led to the rise of the importance of security concerns surrounding Software as a Service (SaaS) platforms. It is the concept of SaaS security to ensure that applications and sensitive data that are delivered over the Internet instead of being installed locally are secure. SaaS security encompasses frameworks, tools, and operational protocols that are specifically designed to safeguard data and applications. 

Cloud-based SaaS applications are more accessible than traditional on-premise software and also more susceptible to a unique set of security challenges, since they are built entirely in cloud environments, making them more vulnerable to security threats that are unique to them. 

There are a number of challenges associated with business continuity and data integrity, including unauthorized access to systems, data breaches, account hijacking, misconfigurations, and regulatory compliance issues. 

In order to mitigate these risks, robust security strategies for SaaS platforms must utilize multiple layers of protection. They usually involve a secure authentication mechanism, role-based access controls, real-time threat detection, the encoding of data at rest and in transit, as well as continual vulnerability assessments. In addition to technical measures, SaaS security also depends on clear governance policies as well as a clear understanding of shared responsibilities between clients and service providers. 

The implementation of comprehensive and adaptive security practices allows organizations to effectively mitigate threats and maintain trust in their cloud-based operations by ensuring that they remain safe. It is crucial for organizations to understand how responsibility evolves across a variety of cloud service models in order to secure modern digital environments. 

As an organization with an on-premises setup, it is possible to fully control, manage, and comply with all aspects of its IT infrastructure, ranging from physical hardware and storage to software, applications, data, and compliance with regulatory regulations. As enterprises move to Infrastructure as a Service (IaaS) models such as Microsoft Azure or Amazon Web Services (AWS), this responsibility begins to shift. Security, maintenance, and governance fall squarely on the IT team. 

Whenever such configurations are used, the cloud provider provides the foundational infrastructure, namely physical servers, storage, and virtualization, but the organization retains control over the operating systems, virtual machines, networking configurations, and application deployments, which are provided by the organization.

It is important to note that even though some of the organizational workload has been lifted, significant responsibilities remain with the organization in terms of security. There is a significant shift in the way serverless computing and Platform as a Service (PaaS) environments work, where the cloud provider manages the underlying operating systems and runtime platforms, making the shift even more significant. 

Despite the fact that this reduces the overhead of infrastructure maintenance, organizations must still ensure that the code in their application is secure, that the configurations are managed properly, and that their software components are not vulnerable. With Software as a Service (SaaS), the cloud provider delivers a fully managed solution, handling everything from infrastructure and application logic to platform updates. 

There is no need to worry, however, since this does not absolve the customer of responsibility. It is the sole responsibility of the organization to ensure the safety of its data, configure appropriate access controls, and ensure compliance with particular industry regulations. Organizations must take a proactive approach to data governance and cybersecurity in order to be able to deal with the sensitivity and compliance requirements of the data they store or process, since SaaS providers are incapable of determining them inherently. 

One of the most important concepts in cloud security is the shared responsibility model, in which security duties are divided between the providers and their customers, depending on the service model. For organizations to ensure that effective controls are implemented, blind spots are avoided, and security postures are maintained in the cloud, it is crucial they recognize and act on this model. There are many advantages of SaaS applications, including their scalability, accessibility, and ease of deployment, but they also pose a lot of security concerns. 

Most of these concerns are a result of the fact that SaaS platforms are essentially web applications in the first place. It is therefore inevitable that they will still be vulnerable to all types of web-based threats, including those listed in the OWASP Top 10 - a widely acknowledged list of the most critical security threats facing web applications - so long as they remain configured correctly. Security misconfiguration is one of the most pressing vulnerability in SaaS environments today. 

In spite of the fact that many SaaS platforms have built-in security controls, improper setup by administrators can cause serious security issues. Suppose the administrator fails to configure access restrictions, or enables default configurations. In that case, it is possible to inadvertently leave sensitive data and business operations accessible via the public internet, resulting in serious exposure. The threat of Cross-Site Scripting (XSS) remains a persistent one and can result in serious financial losses. 

A malicious actor can inject harmful scripts into a web page that will then be executed by the browser of unsuspecting users in such an attack. There are many modern frameworks that have been designed to protect against XSS, but not all of them have been built or maintained with these safeguards in place, which makes them attractive targets for exploitation. 

Insider threats are also a significant concern, as well. The security of SaaS platforms can be compromised by employees or trusted partners who have elevated access, either negligently or maliciously. It is important to note that many organizations do not enforce the principle of least privilege, so users are given far more access than they need. This allows rogue insiders to manipulate or extract sensitive data, access critical features, or even disable security settings, all with the intention of compromising the security of the software. 

SaaS ecosystems are facing a growing concern over API vulnerabilities. APIs are often critical to the interaction between SaaS applications and other systems in order to extend functionality. It is very important to note that API security – such as weak authentication, inadequate rate limiting, or unrestricted access – can leave the door open for unauthorized data extraction, denial of service attacks, and other tactics. Given that APIs are becoming more and more prevalent across cloud services, this attack surface is getting bigger and bigger each day. 

As another high-stakes issue, the vulnerability of personally identifiable information (PII) and sensitive customer data is also a big concern. SaaS platforms often store critical information that ranges from names and addresses to financial and health-related information that can be extremely valuable to the organization. As a result of a single breach, a company may not only suffer reputational damage, but also suffer legal and regulatory repercussions. 

In the age when remote working is increasingly popular in SaaS environments, account hijacking is becoming an increasingly common occurrence. An attacker can compromise user accounts through phishing, credential stuffing, social engineering, and vulnerabilities on unsecure personal devices—in combination with attacks on unsecured personal devices. 

Once inside the system, they have the opportunity to escalate privileges, gain access to sensitive assets, or move laterally within integrated systems. In addition, organizations must also address regulatory compliance requirements as a crucial element of their strategy. The industry in which an entity operates dictates how it must conform to a variety of standards, including GDPR, HIPAA, PCI DSS, and SOX. 

In order to ensure compliance, organizations must implement robust data protection mechanisms, conduct regular security audits, continuously monitor user activities, and maintain detailed logs and audit trails within their SaaS environments in order to ensure compliance. Thus, safeguarding SaaS applications requires a multilayer approach that goes beyond just relying on the vendor’s security capabilities. 

It is crucial that organizations remain vigilant, proactive, and well informed about the specific vulnerabilities inherent in SaaS platforms so that a secure cloud-first strategy can be created and maintained. Finally, it is important to note that securing Software-as-a-Service (SaaS) environments involves more than merely a set of technical tools; it requires a comprehensive, evolving, and business-adherent security strategy. 

With the increasing dependence on SaaS solutions, which are becoming increasingly vital for critical operations, the security landscape becomes more complex and dynamic, resulting from distributed workforces, vast data volumes, and interconnected third-party ecosystems, as well as a continuous shift in regulations. Regardless of whether it is an oversight regarding access control, configuration, user behavior, or integration, an organization can suffer a significant financial, operational, and reputational risk from a single oversight. 

Organizations need to adopt a proactive and layered security approach in order to keep their systems secure. A continuous risk assessment, a strong identity management and access governance process, consistent enforcement of data protection controls, robust monitoring, and timely incident response procedures are all necessary to meet these objectives. Furthermore, it is also necessary to cultivate a cybersecurity culture among employees, which ensures that human behavior does not undermine technical safeguards. 

Further strengthening the overall security posture is the integration of compliance management and third-party risk oversight into core security processes. SaaS environments are resilient because they are not solely based on the cloud infrastructure or vendor offerings, but they are also shaped by the maturity of an organization's security policies, operational procedures, and governance frameworks in order to ensure their resilience. 

A world where digital agility is paramount is one in which companies that prioritize SaaS security as a strategic priority, and not just as an IT issue, will be in a better position to secure their data, maintain customer trust, and thrive in a world where cloud computing is the norm. Today's enterprises are increasingly reliant on browser-based SaaS tools as part of their digital infrastructure, so it is imperative to approach safeguarding this ecosystem as a continuous business function rather than as a one-time solution. 

It is imperative that organizations move beyond reactive security postures and adopt a forward-thinking mindset to align SaaS risk management with the long-term objectives of operational resilience and digital transformation, instead of taking a reactive approach to security. As part of this, SaaS security considerations should be integrated into procurement policies, legal frameworks, vendor risk assessments, and even user training programs. 

It is also necessary to institutionalize collaboration among the security, IT, legal, compliance, and business units to ensure that at all stages of the adoption of SaaS, security impacts are considered in decision-making. As API dependency, third-party integration, and remote access points are becoming more important in the SaaS environment, businesses should invest in visibility, automation, and threat intelligence capabilities that are tailored to the SaaS environment in order to further mitigate their attack surfaces. 

This manner of securing SaaS applications will not only reduce the chances of breaches and regulatory penalties, but it will also enable them to become strategic differentiators before their customers and stakeholders, conveying trustworthiness, operational maturity, and long-term value to them.
Read more »
Misconfiguration
API security cloud compliance Cloud Computing Cloud Migration Cloud Security Cyber Security Cybersecurity data security IAM Misconfiguration

Cloud Security Report Highlights Misconfiguration and IAM as Top Threats

Traditional cloud security issues once associated with service providers are declining in significance, as per the Cloud Security Alliance's 2024 Top Threats report,  However, new challenges persist.


Misconfigurations, weak identity and access management (IAM), and insecure application programming interfaces (APIs) continue to pose the most significant risks to cloud environments. These issues have held top rankings for several years, indicating their persistent nature and the industry's ongoing focus on addressing them.

Other critical concerns include inadequate cloud security strategies, vulnerabilities in third-party resources and software development, accidental data leaks, and system weaknesses. While threats like denial of service and shared technology vulnerabilities have diminished in impact, the report highlights the growing sophistication of attacks, including the use of artificial intelligence.

The cloud security landscape is also influenced by increasing supply chain risks, evolving regulations, and the rise of ransomware-as-a-service (RaaS). Organizations must adapt their security practices to address these challenges and protect their cloud environments.

The report's findings are based on a comprehensive survey of cybersecurity professionals, emphasizing the importance of these issues within the industry.
 
Key Takeaways:
* Misconfigurations, IAM, and API security remain top cloud security concerns.
* Attacks are becoming more sophisticated, requiring proactive security measures.
* Supply chain risks, regulatory changes, and ransomware pose additional threats.
* Organizations must prioritize cloud security to mitigate financial and reputational risks. 

Read more »
TSG Cyber Safety Alerts
Akamai API security Cyber Security Cyberattacks CyberCrime CyberThreat TSG Cyber Safety Alerts

Akamai Expands into API Security with $450 Million Noname Deal

 


It was founded in 2020 and is currently one of the top API security vendors in the world. After emerging from stealth in a year, Noname has reached unicorn status, as of 2021. As a result of the $220 million funding raised, Noname will be able to expand Akamai's existing API Security offering to satisfy customer demand and market demands. 

In addition to scaling up Akamai's sales and marketing resources, the acquisition will also enable Akamai to expand its existing API Security solution. Upon acquiring Akamai, the company will provide a comprehensive API security suite including shadow API detection and vulnerability and attack detection. Akamai powers and protects life online through its platform. 

Millions of people live, work, and play on Akamai's digital experiences every day, and leading companies around the world choose Akamai to help build, deliver, and secure them. A massively distributed edge and cloud platform from Akamai, Akamai Connected Cloud puts users closer to applications and experiences and keeps threats at bay. 

The Akamai acquisition will enable Akamai to provide customers with an API security suite that will enable them to find and detect “shadow” APIs as well as vulnerabilities and attacks better. In addition to providing customers with an enhanced deployment choice, Akamai's enhanced offering is expected to include a portfolio of unparalleled technology integrations in the industry. 

In addition to integrating Noname into Akamai's Application and API platform soon after the acquisition is complete, Akamai also plans to make Noname available to Akamai's customers as soon as possible. Among the many announcements that Akamai Technologies Inc., a provider of content delivery networks and cloud services, made today was Akamai's announcement that it would acquire Israeli application programming security company Noname Security for approximately $450 million. 

The two companies were reported to be in talks about a deal in February. According to a recent report published last month, talks between the two companies were in the advanced stages, with a $500 million acquisition price possible. Noname Security was founded in 2020, and its security platform provides enterprises with a comprehensive way of observing and safeguarding all kinds of application programming interfaces, regardless of whether they are managed or unmanaged. 

In a bid to “eliminate API blind spots,” this company’s platform was designed to protect enterprises from data leakage, authorization issues, abuse, misuse, and corruption of data. It has raised approximately $220 million to date at Noname Security, and when it raised a $135 million Series C round in December 2021, the startup was valued at $1 billion. 

In other words, the current deal represents a significant disappointment to the company's investors, especially the ones who came in at later stages, like Georgian and Lightspeed, as the deal represents a significant disappointment to most of them. The Syndicate Group (TSG), Insight Partners, Cyberstarts, Next47, and Forgepoint are also among the other investors. This deal underscores the fact that the cybersecurity market is continuing to consolidate as more companies seek to develop their products. 

There have been several cybersecurity startups that have emerged over the last few years, and the number continues to grow. It has been found that many of these companies struggle to scale, raise money or sell their products to customers who are looking to purchase a single point of contact to manage multiple security needs, which is why bigger players are buying the smaller and more promising of these smaller companies. 

In some cases, these discounts may not be as steep as you might think. The last private fundraise of Noname was valued at $1 billion in December 2021, so it is now valued at less than half that amount, making it one of the most expensive private companies in the world. Even though this discount may not be the worst, Wiz was negotiating to acquire Lacework Security for $168 million, a narrowly smaller value than its previous valuation of $8.3 billion, which was a blow to the company. 

There was, however, a problem during due diligence on that deal, which led to its failure. According to Akamai's press release, Noname will be integrated into their API Security business, which is expected to generate revenue of approximately $20 million for the company in fiscal year 2024 as a result of the acquisition. In the meantime, Oz Golan, co-founder and CEO of Noname, explained that the firm would be protected by Akamai when it acquired the firm, ensuring customers' apps were protected across various environments as well as platforms of various vendors.
Read more »
Zero Day
API security Artificial Intelligence Chat Bot Chat GPT Cyber Security Encryption Malicious Codes Sensitive data Unauthorized access Zero Day

Adopting ChatGPT Securely: Best Practices for Enterprises

As businesses continue to embrace the power of artificial intelligence (AI), chatbots are becoming increasingly popular. One of the most advanced chatbots available today is ChatGPT, a language model developed by OpenAI that uses deep learning to generate human-like responses to text-based queries. While ChatGPT can be a powerful tool for businesses, it is important to adopt it securely to avoid any potential risks to sensitive data.

Here are some tips for enterprises looking to adopt ChatGPT securely:
  • Conduct a risk assessment: Before implementing ChatGPT, it is important to conduct a comprehensive risk assessment to identify any potential vulnerabilities that could be exploited by attackers. This will help organizations to develop a plan to mitigate risks and ensure that their data is protected.
  • Use secure channels: To prevent unauthorized access to ChatGPT, it is important to use secure channels to communicate with the chatbot. This includes using encrypted communication channels and secure APIs.
  • Monitor access: It is important to monitor who has access to ChatGPT and ensure that access is granted only to authorized individuals. This can be done by implementing strong access controls and monitoring access logs.
  • Train employees: Employees should be trained on the proper use of ChatGPT and the potential risks associated with its use. This includes ensuring that employees do not share sensitive data with the chatbot and that they are aware of the potential for social engineering attacks.
  • Implement zero-trust security: Zero-trust security is an approach that assumes that every user and device on a network is a potential threat. This means that access to resources should be granted only on a need-to-know basis and after proper authentication.
By adopting these best practices, enterprises can ensure that ChatGPT is used securely and that their data is protected. However, it is important to note that AI technology is constantly evolving, and businesses must stay up-to-date with the latest security trends to stay ahead of potential threats.
Read more »
Twitter Data Breach
API API Attack API security Data Breach Hacking PII Social Engineering Attack Twitter Data Breach

Twitter Data Breach Indicates How APIs Are a Goldmine for PII and Social Engineering


A Twitter API vulnerability that was detected in June 2021, and was later patched, has apparently been haunting the organization yet again. 

In December 2022, a hacker claimed to have access to the personal data of 400 million Twitter users for sale on the dark web markets. And only yesterday, the attacker published the account details and email addresses of 235 million users. 

The breached data revealed by the hacker includes account names, handle creation data, follower count, and email addresses of victims. Moreover, the threat actors can as well design social engineering campaigns to dupe people into providing them their personal data. 

Twitter: A Social Engineering Goldmine 

Social media giants provide threat actors with a gold mine of user data and personal information that they can utilize in order to perform social engineering scams. 

Getting a hold of just a user name, email address, and contextual information of a user’s profile, available to the public, a hacker may conduct reconnaissance on their targeted user and create phishing and scam campaigns that are specifically designed to dupe them into providing personal information. 

In this case, while the exposed information was limited to users’ information available publicly, the immense volume of accounts exposed in a single location (Twitter) has in fact provided a “goldmine of information” to the threat actors. 

The Link Between Social Engineering and API Attacks 

Unsecured APIs allow cybercriminals direct access to users’ Personally Identifiable Information (PII), such as username and password, which is captured when the user connects to any third-party service API. API attack thus provides threat actors with a window to collect large amounts of personal information for scams. 

An instance of this happened just a month ago when a threat actor leveraged an API flaw to gather the data of 80,000 executives throughout the private sector and sell it on the dark web. The threat actor had applied successfully to the FBI's InfraGard intelligence sharing service. 

The data collected during the incident included usernames, email addresses, Social Security numbers, and dates of birth of victims. This highly valuable information was utilized by the threat actors for developing social engineering dupes and spear phishing attacks. 

How to Protect APIs and PII? 

One of the main challenges faced while combating API breaches is how modern enterprises need to detect and secure a large number of APIs. A single vulnerability can put user data at risk of exfiltration, therefore there is little room for error. 

“Protecting organizations from API attacks requires consistent, diligent oversight of vendor management, and specifically ensuring that every API is fit for use […] It’s a lot for organizations to manage, but the risk is too great not to,” says Chris Bowen, CISO at ClearDATA.  “In healthcare, for example, where patient data is at stake, every API should address several components like identity management, access management, authentication, authorization, data transport, exchange security, and trusted connectivity.”

It has also been advised to the security team to not rely solely on simple authentication options like username and password in order to secure their APIs. 

“In today’s environment, basic usernames and passwords are no longer enough […] It’s now vital to use standards such as two-factor authentication (2FA) and/or secure authentication with OAuth,” says Will Au, senior director for DevOps, operations, and site reliability at Jitterbit. 

Moreover, measures such as utilizing a Web Application Firewall (WAF), and monitoring API traffic in real time can aid in detecting malicious activities, ultimately minimizing the risk of compromise.  

Read more »
Web Apps
API API security Cyber Attacks Cyber Criminals money theft Web Apps

Financial Service API and Web Application Attacks are up by 257%

 



Various cyber security networks are publishing reports and providing data on various ongoing issues and every day there is a new addition of cyber threat and consequently to the security arsenal. However, managing the attack surface (vulnerabilities, attack vectors, etc) is the biggest challenge that modern society is witnessing. 

In today’s hybrid and multi-cloud environments, apps and APIs are potential targets that cyberhackers can and will exploit. Recently, CDN provider Akamai Technologies, Inc., has released new research in which they have disclosed that year-over-year 257% growth has been seen in web application and API attacks on financial service institutions. 

The report indicates a growing risk to the financial services sector and a shift to more advanced and sophisticated cyberattacks. The report also revealed that DDoS attacks on financial services institutions have grown by 22%. 

Furthermore, the study shows that cybercriminals are using techniques in their phishing campaigns to bypass two-factor authentication solutions. 

It is alarming that various institutions are collecting data on recent cybercrime, as we mentioned in the beginning. In this regard, Enemy at the Gates, published a report that revealed that roughly 80 percent of threat attackers aim their efforts at customers of financial services in an attempt to find paths of least resistance for monetary gain. 

“Companies have moved key infrastructure over to APIs, so the criminals are following the revenue. But on top of that, APIs are newer and, in many cases, don’t have the same level of maturity in security processes and controls, so are more vulnerable,” Steve Winterfeld, advisory CISO at Akamai said. 

Along with this, the company recommended a number of steps that enterprises can take to prevent API-driven threats. 
  • Institutions should invest in technologies to automatically discover, validate and catalog APIs, at the same time developing a security strategy that incorporates API security testing and API access control. 
  • Increasing transparency over what internal and third-party APIs are used for as it ensures that enterprises are in a position to start mitigating potential threats across the attack surface. 
  • Updating phishing defenses to counter the latest MFA attacks with FIDO2-compliant capabilities should be the priority for the institutions. 
“Finally, they are easier to automate attacks against as they are designed for automation. These factors combine to make APIs a smart place for attackers to focus. This is also why CISOs need to focus on them,” Winterfeld added.
Read more »
Cyberattack
API security API- Application Programming Interface Cyber Security Cyberattack

How API Security is Emerging as a Potential Threat to Data-Driven Enterprises


Application programming interfaces play a big role in data-driven enterprises since they rely largely on their software application architecture. APIs have led to a sea change in the way we use web applications as they act as a communication pipeline between numerous services. Using APIs, developers can incorporate any contemporary technology into their architecture, which is quite helpful for including functionality that a consumer needs. 

APIs, by nature, are at risk of getting the application logic or sensitive data exposed, such as personally identifiable information (PII). Since APIs are generally accessible over public networks, they are often well-documented and can easily be manipulated and reverse-engineered by a threat actor. Additionally, they are susceptible to DDoS attacks. 

Since most significant data leaks happen as a result of defective, vulnerable, or hacked APIs, exposing data like medical, financial, or personal information, it is crucial to ensure the security of APIs. Additionally, if an API is not properly secured, it could result in numerous cyberattacks, making API security essential for today's data-driven enterprises. 

Critical API vulnerabilities and attacks 

In recent times, APIs have emerged as a preferred method for establishing more advanced applications, significantly for mobile devices and the internet of things (IoT). however, some businesses still need to fully understand the possible risks pertaining to their APIs while making them accessible to the public, given the continually evolving application-development methodologies and pressure for innovation. 

Businesses should as well be cautious of these typical security errors before public deployment.

Authentication flaws: Many APIs deny requests for authentication status made by legitimate users. Threat actors could take advantage of these exploits in a variety of ways by replicating API requests, such as session hijacking and account aggregation. 

Lack of encryption: Several APIs lack encryption layers present between the API client and server. Flaws as such could lead a threat actor into intercepting unencrypted or stealing sensitive data via unencrypted or inadequately protected API transactions. 

• Flawed endpoint security: Since most IoT devices and microservices are created in order to communicate with the server via an API channel, hackers often attempt to acquire unauthorized access over them through IoT endpoints. This frequently causes the API to reorder its sequence, leading to a data breach. 

Challenges Faced by API Security

As per Yannick Bedard, head of penetration testing, IBM security X-Force Red, one of the challenges in API security in current times is going through tests for security, for intended logic flows could be difficult to understand, and test it is not clearly comprehended. 

Bedard tells VentureBeat, “In a web application, these logical flows are intuitive through the use of the web UI, but in an API, it can be more difficult to detail these workflows […] This can lead to security testing missing vulnerabilities that may, in turn, be exploited by attackers.” 

“It is common for services to inherently trust data coming from other APIs as clean, only for it to turn out to not be properly sanitized,” says Bedard.  “Malicious data would eventually flow to backend APIs, sometimes behind many other services. These APIs would, in turn, be vulnerable and could provide the attacker an initial foothold into the organization.”

“The top challenge is discovery, as many security teams just aren’t sure how many APIs they have,” says Sandy Carielli, principal analyst at Forrester. 

Carielli said that many teams unknowingly deploy rogue APIs or there may be unmaintained APIs that are still publicly accessible, which can lead to several security hazards. 

According to her, many teams obliviously use rogue APIs, and there may be unmaintained APIs that are still accessible to the general public. This poses a number of security risks. “API specifications could be outdated, and you can’t protect what you don’t know you have,” she said. “Start by understanding what controls you already have in your environment to secure APIs, and then identify and address the gaps. Critically, make sure to address API discovery and inventory.” 

Best practices to enhance API security 

Listed are a few approaches that may be utilized in order to effectively secure your system against API intruders: 

API gateway: API gateway serves as the cornerstone of an API security framework, since it is easy to create, administer, monitor, and secure APIs, and serves as the cornerstone of an API security framework. The API gateway can enable API monitoring, logging, and rate limitation in addition to protecting against a variety of threats. Additionally, it may automatically validate security tokens and restrict traffic depending on IP addresses and other data. 

Web application firewalls (WAF): WAF serves as a layer between traffic and the API gateway or application. It offers an additional security layer against threat actors, like bots, by providing malicious bot detection, the ability to detect attack signatures, and additional IP intelligence, WAFs can be useful for preventing malicious traffic from entering your gateway in the first place. 

Security applications: Standalone security applications with features like real-time protection, static coded and vulnerability scanning, built-time checking, and security fuzzing can as well be incorporated into the security architecture. 

Security in code: An internal form of security that is built into the API or apps is security code. However, it can be challenging to apply uniformly across all of your API portfolios the resources necessary to verify that all security measures are applied appropriately in your API code.   

Read more »
Wib
API API security Cyber Security GigaOm Wib

APIs are Everywhere, but the Security is Lacking



With the gradual increase in the number of APIs (Application Programming Interface), spreading across the corporate infrastructure, API is also emerging as the largest attack surface in applications and a big target for threat actors and cyber attackers. 

According to industry experts, the increase in integrated web and mobile offerings that requires data exchange between products of multiple organizations and the reliability of mobile apps on APIs, has eventually led to growth, making API security a huge challenge for CIOs today.

A 2022 survey by 451 Research found that 41% of organizations surveyed had an API security incident in the last 12 months; 63% of respondents said the incident involved a data breach or loss. 

Consequently, cybersecurity startup Wib is looking to zero in on API security. Wib further announced a $16 million investment led by Koch Disruptive Technologies (KDT), the growth and venture arm of Koch Industries, Inc, with participation from Kmehin Ventures, Venture Israel, Techstars, and existing investors. 

Blocking API attacks in the network: 

According to a report by GigaOm research, API security products were developed before API use expanded to the extent seen today and “were based upon the idea that it is asking for failure to insist developers secure the code they write. The report added that “most developers do not knowingly create insecure code,” if they inadvertently develop code with vulnerabilities, most likely because they are unaware of what vulnerabilities an API might suffer from. 

“Once API security was in use, though,” the report said, “IT quickly discovered a new reason to use a security product: Some vulnerabilities are far easier blocked in the network than in each and every application.” 

The report inferred that the idea that it is more effective in blocking some attacks in the network, including data centers, cloud vendors, and SaaS providers — before access to the API occurs, has spurred demand for products that can do this. 

According to Wib, its API security platform aims at providing visibility across the entire API landscape, right from code to production. This would help unify software developers, cyber defenders, and CIOs around a single holistic view of their complete API domain. 

The platform could leverage real-time inspection, management, and control at every stage of the API lifecycle to automate inventory and API change management, according to the company. Wib was created to identify rogue, zombie, and shadow APIs and analyze business risk and impact, helping organizations reduce and harden their API attack surface. 

According to Gil Don, CEO, and co-founder of Wib, API has moved into the spotlight in the past years. “Organizations are using them as the basis of a new generation of complex applications, underpinning their move to competitive and agile digital business models,’’ says Don. 

A Whole New Category of Cyber Threat

Don explains that APIs account for 91% of all web traffic and they fit with the trend towards microservices architectures and the need to respond dynamically to rapidly changing market conditions. But APIs have given rise “to a whole new category of cybersecurity threats that explicitly targets them as a primary attack vector. Web API traffic and attacks are growing in volume and severity.” 

Over half of APIs are invisible to business IT and security teams. “These unknown, unmanaged, and unsecured APIs are creating massive blind spots for CIOs that expose critical business logic vulnerabilities and increase risk,’’ Don continues. 

On the other hand, GigaOm report called out Wib for its API source code scanning and analysis “with an eye toward API weaknesses.” Wib’s platform “provides automatic API documentation to create up-to-date documentation, as well as snapshots of changes to APIs and their risks every time they see a commit to code,” the report further read. 

As its operations grow across the Americas, UK, and EMEA, Wib says the investments will be used in order to improve its comprehensive API security platform and accelerate international growth.  

Read more »
Subscribe to: Posts (Atom)