ThreatX expands API visibility and protection capabilities to stop complex threats in real-time

ThreatX unveiled new capabilities designed to strengthen its customers’ API security. These new capabilities will provide customers with deeper insight into the scope of API attacks, more fully visualize the API attack surfaces and identify API schema compliance gaps that attackers can exploit.

ThreatX API security

ThreatX applies a combination of artificial intelligence and machine learning to detect even the slightest indicators of suspicious activity. Unlike post-attack API anomaly detection tools that require offline data analysis, ThreatX builds risk profiles of attackers over time, enabling it to identify and stop even the most complex threats in real-time.

“To get API protection right, it is imperative that organizations have a clear view of their API attack surface and API schemas. Additionally, it is equally important that they can assess attacks against APIs as compared to traditional web apps,” said Tom Hickman, Chief Innovation Officer at ThreatX. “I am extremely proud of the work that the ThreatX product and engineering team has done to deliver these unique and important capabilities to our customers.”

ThreatX has now added the following capabilities:

API schema compliance

For many organizations, particularly those with distributed DevOps teams, API schemas provide a central way of defining how APIs should work. Without a schema, it is difficult for security teams to understand whether any API call is legitimate or malicious, creating a significant security risk for organizations.

To address this challenge, ThreatX’s API schema compliance capabilities will allow customers to centrally manage OpenAPI 3.0 schemas for the API endpoints ThreatX discovers and protects. This enables organizations to compare API traffic to specifications to determine whether compliance gaps exist so they can work to mitigate them.

In addition, ThreatX’s real-time discovery capabilities shine a spotlight on API endpoints that may be out of the view of security and development teams, such as zombie and rogue APIs. Overall, these capabilities give customers a holistic and clear picture of their API attack surface, along with an understanding of when and where APIs are being managed appropriately.

API dashboard

ThreatX’s new API Dashboard details API endpoint usage and how it compares to expected behavior, as defined in the schema. Users can build custom schemas for APIs that are outdated or even those that have no schemas available. The dashboard is geared towards identifying key indicators of an attack and potential vulnerabilities.

ThreatX’s dashboards make it easier than ever for organizations to drill into the finer points of API attacks. With a comprehensive set of data available, customers can quickly take responsive actions, such as enabling automatic blocking, establishing geo-fencing to block traffic from parts of the globe where there should not be clients, or tarpitting attacks to prevent overconsumption of backend resources.

“When speaking with both our customers and prospects, it’s become clear to us that many of today’s solutions, such as API Gateways, aren’t designed to protect APIs against the sophisticated, multi-mode attacks that have become commonplace,” said Bret Settle, Chief Strategy Officer at ThreatX. “By delivering these new capabilities directly within the ThreatX platform, our customers will be able to leverage a single solution that gives them the unique ability to both identify and stop attacks in real time.”

The release of these expanded capabilities highlights ThreatX’s continued efforts to enhance its API protection platform, efforts which have been recognized by both the 2022 Cybersecurity Excellence Awards and the 2022 Globee Cyber Security Global Excellence Awards. Additionally, ThreatX was named a Visionary in the 2021 Gartner Magic Quadrant for Web Application and API Protection.

ThreatX’s new capabilities provide customers with enhanced protection against these threats, including DDoS, botnet and multi-mode attacks.




Share this