ThreatX announced new API Catalog capabilities to provide enterprises with a clear view of their API’s attack surface, as well as the operational health of APIs in production. ThreatX supports DevOps and Security teams by assessing traffic in real-time to reduce risk and protect critical APIs from misconfiguration, DDoS, BOT attacks and malicious use.
APIs are under constant assault by sophisticated attackers. Any downtime or data loss experienced as a result of an API attack can be crippling to a company’s bottom line and reputation. ThreatX’s API Catalog gives enterprises visibility into legitimate, suspicious and malicious requests that hit their APIs. By analyzing and profiling actual traffic, ThreatX discovers and profiles API endpoints, providing users with enhanced visibility into legitimate, rogue and zombie APIs in production.
“API protection must be a core capability of web application firewalls,” said Tom Hickman, Chief Product Officer, ThreatX. “Enterprises increasingly demand a single solution that protects all web applications and APIs from all of today’s threat vectors, even when they’re all part of the same sophisticated attack. We offer our customers the ability to see which endpoints are actually receiving traffic, enabling them to combat a massive botnet attack or simply debug a failed login.”
ThreatX’s Protection-First approach to API security begins with Application and API traffic analysis to profile, identify and block suspicious activity. This attacker-centric protection can successfully tarpit traffic or permanently block requests coming in from suspicious entities.
Based on actual traffic, ThreatX’s new API Catalog allows organizations to add context into endpoints that may have slipped through the cracks of their CI/CD process, leaving the organization vulnerable.
“APIs have become a popular avenue of attack, both due to their criticality and to the fact that many organizations lack the visibility required to properly protect them,” said Bret Settle, Chief Strategy Officer and Co-Founder, ThreatX. “At ThreatX we’ve created an attacker-centric approach to security which allows us to be very effective in both our WAF and API Protection capabilities.”