Data Theorem introduced an API Attack Surface Calculator to help organizations of any size understand their attack surface exposures. Delivered as a free self-service offering, the assessment tool is simple to use and conducts its first-level API security analysis in less than five minutes.
API attack surfaces are dynamic by nature in the public cloud. Hackers are taking advantage of this API reality to help breach organizations and extract data. Organizations need to better understand and measure their ever-increasing API attack surfaces that are amplified by modern web, mobile, and cloud-native applications.
Data Theorem’s API Attack Surface Calculator can help organizations begin to build a modern API security program and understand how each layer of a cloud native app contributes to the overall API attack surface.
According to Gartner in its API Security: Protect your APIs from Attacks and Data Breaches webinar, “Gartner predicts that by 2022, application programming interface (API) attacks will become the most-frequent attack vector, causing data breaches for enterprise web applications. Already, many well-publicized API security vulnerabilities affected a wide range of organizations…Many of the recent API data breaches have exploited multiple layers of application in order to extract data. Understanding how exposure[s] at each layer of the application stack can lead to a breach.”
The new API Security Calculator provides a multi-step process for customers to answer questions about the different layers in the application stack. Following customer supplied answers, the Attack Surface Management (ASM) capabilities running inside of Data Theorem’s Analyzer Engine will provide dynamically driven ratings around potential API exposures across the multiple application layers: client, data transport and cloud.
“This free API Attack Surface Calculator, which can be done in a self-service fashion and takes less than 5 minutes to complete its assessment, is an important first step in measuring an organization for the most prominent attack vector and attack surface exposures,” said Doug Dooley, Data Theorem COO. “At no charge, organizations can leverage Data Theorem’s differentiated ASM capabilities and comparative insights that give sensitivity ratings per attack surface layer that help customers determine next steps on addressing potential API exposures.”
Data Theorem’s broad AppSec portfolio protects organizations from data breaches with application security testing and protection for modern web frameworks, API-driven microservices and cloud resources. Its solutions are powered by its Analyzer Engine, which leverages a new type of dynamic and run-time analysis that is fully integrated into the CI/CD process, and enables organizations to conduct continuous, automated security inspection and remediation.
This API Attack Surface Calculator is available now for free.