Cequence's API Sentinel Looks to Provide Continuous API Security, Visibility and Monitoring
Cequence is adding a new level of API security for continuous runtime visibility and protection. IDN looks at Cequence API Sentinel.
Cequence Security is shipping a new runtime API security solution that aims to provide protection from multiple threats. Cequence API Sentinel aims to deliver continuous runtime API visibility, shadow API discovery, risk analysis, and conformance assessment.
With the addition of API Sentinel, Cequence can unify visibility, vulnerability protection, bot mitigation, and business logic abuse prevention into a single platform, according to company execs.
"API security is the fastest-growing segment of the security market today but has been largely underserved by siloed point products that only address a part of the problem. The addition of API Sentinel to the Cequence Application Security Platform extends our API protection beyond automated bot attacks and API abuse to include the discovery of API risks introduced by shadow publication, coding or non-conformance errors," said Ameya Talwalkar, co-founder and chief product officer of Cequence Security.
"Our end-to-end approach ensures that API security can be clearly understood and actioned across development, security, operations, and compliance teams,” he added.
"Organizations typically spend more time focused on active attacks and breaches than they do assessing their code and environments for vulnerabilities and security gaps which are often hiding in plain sight," added Ed Amoroso, CEO of TAG Cyber.
In most cases, companies lack tools that can provide that level of visibility for APIs, Amoroso added. "API Sentinel fills a critical need so that security and development can collaborate to secure and protect today's API-driven applications."
Capabilities of the Cequence API Sentinel platform include:
Continuous Risk Scoring: Assesses and assigns a numeric risk factor for each API based on the strength of authentication used, presence of PII, PCI or other sensitive data, detection of unencrypted communication, and non-conformance to the OpenAPI specification.
Runtime API Catalogue and Usage Analysis: This feature automatically discovers all APIs, including managed and shadow APIs. Further, it can analyze API usage and access, including geolocation, IP addresses and organizations. It also provides users a view into headers, parameters, and response codes with flexible time-based filtering.
Schema Non-conformance Detection: This performs a runtime comparison of an organization's inventoried APIs against an OpenAPI specification to uncover and flag API endpoints, headers, parameters and response codes as non-conformant. With this information, it can discover out-of-spec elements and mitigate security risks before they reach production.
Real-time API Inventory: Thanks to native integration with existing API management infrastructure, it provides automatic discovery of knowingly published and shadow APIs. Also, default and customizable groupings provide teams with a complete picture of an organization's API footprint.
These and other features provide users a range of benefits, including:
Quick Deployment: Native integration with Amazon API Gateway or Apigee API Management is enabled using an intuitive, widget-based interface. This allows users to begin reducing API security risks within a matter of minutes.
Continuous Risk Analysis: Analyze all APIs based on security best practices to determine their overall risk. Remediate errors prior to publication and eliminate security gaps.
High Visibility for APIs: Visibility provided by an up-to-the-minute inventory and usage analysis of all your APIs helps ensure they are secure.
Prevent API Security Flaws Before Publication: Analyze APIs against your OpenAPI specification to uncover and remediate possible security gaps – before attackers discover them.
Cequence API Sentinel is available as a modern Kubernetes app and integrates natively with popular API gateways from Amazon, Apigee and MuleSoft.