At Black Hat USA 2022, Traceable AI announced enhanced capabilities to address more specific types of API attacks, including API abuse and misuse, fraud and malicious API bots, all of which contribute to serious data security and compliance challenges within organizations today.
These additional capabilities enable organizations to detect, stop and eliminate these types of sophisticated attacks, to protect their data, financial resources, and reputation.
Traceable’s enhanced data security capabilities address the fundamental business and financial risks, and operational downtime often associated with API data breaches. These attack types typically come in the form of API abuse and fraud, account takeover, and malicious API bots.
In terms of features and capabilities with this release, Traceable’s API security platform provides organizations the ability to track volumes of sensitive data traversing between APIs over time, and categorize users accessing data through APIs (e.g., partners, data owners, threat actors). Security and compliance teams can also create customizable data sets for enhanced data protection and compliance capabilities.
Enhanced detection accuracy is also available with various sensors including geolocation, Tor, botnet, proxy and malicious bots (e.g., scraper, spam, botnet). More capabilities include the ability to correlate with increases in account takeover or excessive login attempts, and detection of fraud for materially significant data (e.g., gift cards, loyalty points, free credits, and much more). Most importantly, users can establish a baseline of API sequences and user behavior to detect fraudulent activities.
“APIs are the largest attack vector for data loss, business logic abuse and fraud in nearly every industry,” stated CTO and co-founder of Traceable AI, Sanjay Nagaraj.
“Organizations are seeing more APIs being abused for account takeovers, manipulate inventory or prices, fraud in referral or digital payments or exfiltrate sensitive data such as social security numbers and banking information. These have serious consequences from a compliance standpoint, in addition to a negative financial and brand impact. We recognize how important it is to prevent abuse and fraudulent activities via API’s and continue to innovate our API Security Platform. These latest platform updates better arm organizations against these types of malicious threats.”, Nagaraj continued.
Traceable continues to build on its API Security Platform’s existing capabilities, which includes:
- API discovery and security posture: Traceable discovers and identifies all external API endpoints and internal APIs in a data-rich catalog for visibility and identification of organizations’ API estate and sprawl. Shadow and orphaned APIs are identified, and users are notified of any API changes. It maps app topologies and data flows, including connectivity between edge APIs, internal services, and data stores.
- Protection against sensitive data exfiltration: Security teams can detect where hackers gain access to sensitive data by exploiting software bugs or CVEs. Understand the flow of transactions through the application – from the edge to the data store and back – to respond and mitigate risk. Organizations can respond to API threats with API bot mitigation – preventing runtime exploitation tracking users and threat actors.
- Threat hunting: Traceable provides a set of security and application flow analytics, which can be used by SOC teams or security analysts. Teams can hunt for hidden IOCs and breaches, track and trace activities of suspicious users, run post-mortem analyses of security incidents, spot malicious users, speed incident response, and lower mean time to resolution.
“It is important to understand the limitations of other API security providers that collect and analyze data in a purely out-of-band manner – especially in highly regulated industries. You may not meet compliance requirements or may leave your company vulnerable to breaches,” stated Nagaraj.
Flexible deployment options:
- Fully out-of-band collection via network log analysis of AWS, Google Cloud Platform (GCP), and Azure clouds – specifically for highly regulated industries.
- Collection by instrumentation within your API gateway, proxies, or service mesh.
- In-app data collection through instrumentation by language-specific agents or via socket filtering.
- Agent or agentless deployment depending on business requirements.
Traceable’s frictionless platform can be deployed 100% on-premises in a fully air-gapped model or can be delivered by SaaS or hosted in customers’ AWS, GCP, and Azure clouds. Overall, it was designed to process and analyze APIs, application communication and user behavior data at cloud scale. Lastly, it is designed to support very large customer deployments consisting of thousands of API endpoints and billions of API calls.
“Our platform’s innovation handles the smallest to the largest of deployments even in the most highly regulated industries, which is nearly impossible with other API security vendors,” added Nagaraj.