Red Hat and Elastic announced an expanded collaboration to deliver next-generation search experiences supporting retrieval augmented generation (RAG) patterns using Elasticsearch as a preferred vector database solution integrated on Red Hat OpenShift AI.
ThreatX Launches New API Visibility and Protection Capabilities
April 26, 2022
ThreatX unveiled new capabilities designed to strengthen API security.
These new capabilities will provide customers with deeper insight into the scope of API attacks, more fully visualize the API attack surfaces and identify API schema compliance gaps that attackers can exploit.
ThreatX applies a combination of artificial intelligence and machine learning to detect even the slightest indicators of suspicious activity. Unlike post-attack API anomaly detection tools that require offline data analysis, ThreatX builds risk profiles of attackers over time, enabling it to identify and stop even the most complex threats in real-time.
“To get API protection right, it is imperative that organizations have a clear view of their API attack surface and API schemas. Additionally, it is equally important that they can assess attacks against APIs as compared to traditional web apps,” said Tom Hickman, Chief Innovation Officer at ThreatX. “I am extremely proud of the work that the ThreatX product and engineering team has done to deliver these unique and important capabilities to our customers.”
ThreatX has now added the following capabilities:
- API Schema Compliance: ThreatX’s API schema compliance capabilities will allow customers to centrally manage OpenAPI 3.0 schemas for the API endpoints ThreatX discovers and protects. This enables organizations to compare API traffic to specifications to determine whether compliance gaps exist so they can work to mitigate them. In addition, ThreatX’s real-time discovery capabilities shine a spotlight on API endpoints that may be out of the view of security and development teams, such as zombie and rogue APIs. Overall, these capabilities give customers a holistic and clear picture of their API attack surface, along with an understanding of when and where APIs are being managed appropriately.
- API Dashboard: ThreatX’s new API Dashboard details API endpoint usage and how it compares to expected behavior, as defined in the schema. Users can build custom schemas for APIs that are outdated or even those that have no schemas available. The dashboard is geared towards identifying key indicators of an attack and potential vulnerabilities. ThreatX’s dashboards make it easier than ever for organizations to drill into the finer points of API attacks. With a comprehensive set of data available, customers can quickly take responsive actions, such as enabling automatic blocking, establishing geo-fencing to block traffic from parts of the globe where there should not be clients, or tarpitting attacks to prevent overconsumption of backend resources.
“When speaking with both our customers and prospects, it’s become clear to us that many of today’s solutions, such as API Gateways, aren’t designed to protect APIs against the sophisticated, multi-mode attacks that have become commonplace,” said Bret Settle, Chief Strategy Officer at ThreatX. “By delivering these new capabilities directly within the ThreatX platform, our customers will be able to leverage a single solution that gives them the unique ability to both identify and stop attacks in real time.”
ThreatX’s new capabilities provide customers with enhanced protection against these threats, including DDoS, botnet and multi-mode attacks.
Industry News
May 09, 2024
Traceable AI announced an Early Access Program for its new Generative AI API Security capabilities.
May 09, 2024
StackHawk announced a new integration with Microsoft Defender for Cloud to help organizations build software more securely.
May 08, 2024
MacStadium announced that it has obtained Cloud Security Alliance (CSA) Security, Trust & Assurance Registry (STAR) Level 1, meaning that MacStadium has publicly documented its compliance with CSA’s Cloud Controls Matrix (CCM), and that it joined the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.
May 08, 2024
The Cloud Native Computing Foundation® (CNCF®) released the two-day schedule for CloudNativeSecurityCon North America 2024 happening in Seattle, Washington from June 26-27, 2024.
May 08, 2024
Sumo Logic announced new AI and security analytics capabilities that allow security and development teams to align around a single source of truth and collect and act on data insights more quickly.
May 08, 2024
Red Hat is announcing an optional additional 12-month EUS term for OpenShift 4.14 and subsequent even-numbered Red Hat OpenShift releases in the 4.x series.
May 08, 2024
HAProxy Technologies announced the launch of HAProxy Enterprise 2.9.
May 08, 2024
ArmorCode announced the general availability of AI Correlation in the ArmorCode ASPM Platform.
May 08, 2024
Octopus Deploy launched new features to help simplify Kubernetes CD at scale for enterprises.
May 08, 2024
Cequence announced multiple ML-powered advancements to its Unified API Protection (UAP) platform.
May 07, 2024
Oracle announced plans for Oracle Code Assist, an AI code companion, to help developers boost velocity and enhance code consistency.
May 07, 2024
New Relic launched Secure Developer Alliance.
May 07, 2024
Dynatrace is enhancing its platform with new Kubernetes Security Posture Management (KSPM) capabilities for observability-driven security, configuration, and compliance monitoring.
May 07, 2024
Red Hat announced advances in Red Hat OpenShift AI, an open hybrid artificial intelligence (AI) and machine learning (ML) platform built on Red Hat OpenShift that enables enterprises to create and deliver AI-enabled applications at scale across hybrid clouds.
