Hundreds of millions of application programming interfaces (APIs) power today’s digital economy, and that figure continues to expand at a relentless pace. While development teams deploy tools to help them conquer the complexity of managing their API inventory and increase their velocity, the resulting sprawl has created far greater concerns. APIs now represent the broadest and riskiest attack surface in the enterprise. Today we’re seeing APIs become a preferred attack vector for cybercriminals and hackers. A recent Salt Security survey showed that 94% of respondents have experienced security problems in production APIs within the past 12 months, and 20% have suffered a data breach resulting from these API security gaps.
Why? Traditional security approaches are not enough to detect and stop API attacks. To protect your business from being a victim of a successful API attack, you need a platform built from the ground up to automatically discover new and changed APIs, detect and stop attacks on APIs in the early stages, and fix vulnerabilities in new and running APIs.
The platform must take a full lifecycle approach to protect all of the APIs running in your environment — and do so without impacting performance or the user experience. Achieving this level of protection requires automation, powered by cloud-scale big data and highly trained artificial intelligence (AI). Humans — even deeply experienced security analysts — simply can’t analyze hundreds of attributes across millions of API calls to uncover the rich context needed to detect threats such as a multi-day credential stuffing attack.
That’s what differentiates the Salt Security API Protection Platform: its ability to collect, store, and analyze millions of attributes and correlate them over time to identify attackers during reconnaissance. Using the most mature AI and machine learning (ML) algorithms, extensively trained through years of exposure to thousands of environments, the Salt Security platform provides all the context needed to protect all of your APIs — even the ones you didn’t know you had.
Salt Security’s newest connector enables customers to seamlessly mirror their Google Cloud Virtual Private Cloud traffic to the Salt API context engine to detect threats and improve their API-related security posture. With this integration, customers can begin collecting API traffic quickly and efficiently with no agents, no code changes, and no configuration. During the implementation process, Salt API experts will work with organizations to mirror the most relevant traffic to meet their specific use cases in a low-impact, resource-efficient, offline manner.
Maintaining a complete and current API inventory represents one of the biggest blind spots for cybersecurity teams today. Unless your company already has an advanced API security platform, you almost certainly have unknown or shadow APIs, zombie APIs (those thought to be deprecated but still in use), incorrectly documented or undocumented APIs, and APIs with unknown vulnerabilities, such as the exposure of sensitive data. You can’t protect what you can’t see. The Salt Security platform automatically and continuously discovers all your internal, external, and third-party APIs, including shadow and zombie APIs.
Attackers are focused on finding and exploiting vulnerabilities in the business logic of your APIs. Because APIs are unique, attackers take days, weeks, or months to probe and understand how your APIs work and where they may have vulnerabilities. The Salt Security platform detects these low-and-slow attacks, uncovering the reconnaissance actions of bad actors early in their probing. With Salt, you can choose to manually or automatically block attackers using the inline devices you already have deployed. The robust integrations with the Google Cloud products you already leverage allow you to do this with fewer resources and less effort.
It’s not enough to find and block attackers exploiting a vulnerability in your API. You will also want to remediate the security gap in your APIs. The Salt Security platform lets you simulate runtime behavior and attacks as part of your CI/CD pipeline process, so you can bake security into your development cycle. The Salt platform also identifies vulnerabilities found only at runtime and provides clear remediation details dev teams can apply to harden existing APIs.
Dr. Anton Chuvakin, security advisor at Office of the CISO, Google Cloud, joined our recent API Security Summit. Dr. Chuvakin’s session – co-hosted by Salt Security's Michelle McLean – provided an in-depth discussion on why API security has become a “now” problem.
The monetary growth opportunities promised by APIs are immense, but to harness them, CISOs must ensure the protection of their APIs.
With the industry moving to microservices and API-driven applications, new security threats and attack vectors have emerged. The PCI Security Standards Council has worked to address these threats in its newest PCI DSS 4.0 standard.