Forrester Research recently emphasized the significance of API security following recent cyberattacks. They highlight that API security has become a prominent tool for safeguarding applications in 2023. In 2022, there were noteworthy incidents involving APIs, such as the case of 9.8 million Optus (News - Alert) customers whose personal data was stolen and held for ransom due to an openly accessible API that lacked authentication measures. Other notable instances included API vulnerabilities in platforms like Twitter, T-Mobile (News - Alert) and even a law enforcement application, all of which led to data exposure.
There is a positive note. Global leaders in security decision-making have reported a steady increase in the adoption of API security between 2020 and 2022, and this momentum is expected to continue. Forrester (News - Alert) Research advises organizations to continue to allocate their augmented security budget toward the assessment and fortification of their APIs.
Akamai, the cloud company that powers and protects life online, agrees with Forrester Research and advises companies to fortify their APIs. A recent State of the Internet report by Akamai noted that 2022 was a record year for application and API attacks.
To help security teams stop API attacks and detect business logic abuse inside APIs, Akamai (News - Alert) launched API Security, a product that also discovers, audits and monitors API activity using behavioral analytics to rapidly respond to threats and abuse.
The API Security product, a result of Akamai's acquisition of Neosec, offers comprehensive API activity monitoring, utilizing behavioral analytics to identify complex threats. It enhances threat detection by analyzing historical data stored in a data lake. The solution encompasses API discovery, visibility, risk assessment, as well as detection and response capabilities for thorough investigation and proactive threat hunting.
Probably most notably, the Shadow Hunt threat hunting managed service provides machine learning insights for human analysts to investigate. This product ensures API protection by monitoring and detecting breaches, safeguarding customer data.
"Recent breaches have painfully revealed the necessity of API security solutions. Preventing API-based attacks by guarding endpoints and checking credentials is no longer sufficient," said Rupesh Chokshi, Senior Vice President and General Manager, Application Security (News - Alert) at Akamai. "Akamai's API Security gives organizations the ability to monitor API behavior in any platform or gateway to ensure that business processes are running smoothly and securely."
API Security, which complements Akamai's existing App and API Protector solution, is compatible with various API gateways, WAAP and cloud setups. With API Security, Akamai customers can streamline integration using the edge connector feature, saving time, effort and integration costs with a simple click.
Edited by Alex Passett