Parasoft announces the opening of its new office in Northeast Ohio.
Wallarm announced the early release of the Wallarm API Leak Management solution, an enhanced API security technology designed to help organizations identify and remediate attacks exploiting leaked API keys and secrets, while providing on-going protection against hacks in the event of a leak.
Wallarm developed the API Leak Management solution to automatically discover leaked API keys and secrets, implement controls to block their use, and protect against any follow-on attacks. This prevents unauthorized access to sensitive data within enterprise companies while protecting their internal operations and end customers from unauthorized use of that data.
“API keys and secrets are an essential part of enterprise applications, but they are also a common target for attackers since they provide direct access to the data and infrastructure,” said Ivan Novikov, CEO and Co-founder of Wallarm. “Our API Leak Management solution allows enterprise customers to automatically detect and block the use of leaked API keys, providing an additional layer of security for their data to reduce organizational risk."
Locating and revoking API keys in a timely manner is both time-consuming and resource-intensive, so Wallarm’s proactive API leak management solution prioritizes automated detection, remediation, and control through a three-prong approach:
- Detect. Wallarm automatically scans public sources for leaked API secrets, which hackers can find and abuse in less than 1 minute.
- Remediate. Wallarm immediately blocks requests using compromised API secrets across the entire API portfolio, regardless of protocol.
- Control. Wallarm also continuously tracks and blocks any subsequent use of leaked API secrets.
The Wallarm API Leak Management solution is integrated with other Wallarm capabilities, including API Discovery, API Threat Prevention, and Cloud-Native WAAP. Customers get full-spectrum visibility, detection, and protection for their entire web application and API portfolio, regardless of protocol or environment, via the Wallarm API Security Platform. This reduces tool sprawl and cost while improving risk management and supporting innovation.
Industry News
Postman released v11, a significant update that speeds up development by reducing collaboration friction on APIs.
Sysdig announced the launch of the company’s Runtime Insights Partner Ecosystem, recognizing the leading security solutions that combine with Sysdig to help customers prioritize and respond to critical security risks.
Nokod Security announced the general availability of the Nokod Security Platform.
Drata has acquired oak9, a cloud native security platform, and released a new capability in beta to seamlessly bring continuous compliance into the software development lifecycle.
Amazon Web Services (AWS) announced the general availability of Amazon Q, a generative artificial intelligence (AI)-powered assistant for accelerating software development and leveraging companies’ internal data.
Red Hat announced the general availability of Red Hat Enterprise Linux 9.4, the latest version of the enterprise Linux platform.
ActiveState unveiled Get Current, Stay Current (GCSC) – a continuous code refactoring service that deals with breaking changes so enterprises can stay current with the pace of open source.
Lineaje released Open-Source Manager (OSM), a solution to bring transparency to open-source software components in applications and proactively manage and mitigate associated risks.
Synopsys announced the availability of Polaris Assist, an AI-powered application security assistant on the Synopsys Polaris Software Integrity Platform®.
Backslash Security announced the findings of its GPT-4 developer simulation exercise, designed and conducted by the Backslash Research Team, to identify security issues associated with LLM-generated code. The Backslash platform offers several core capabilities that address growing security concerns around AI-generated code, including open source code reachability analysis and phantom package visibility capabilities.
Azul announced that Azul Intelligence Cloud, Azul’s cloud analytics solution -- which provides actionable intelligence from production Java runtime data to dramatically boost developer productivity -- now supports Oracle JDK and any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.
F5 announced new security offerings: F5 Distributed Cloud Services Web Application Scanning, BIG-IP Next Web Application Firewall (WAF), and NGINX App Protect for open source deployments.
Code Intelligence announced a new feature to CI Sense, a scalable fuzzing platform for continuous testing.
WSO2 is adding new capabilities for WSO2 API Manager, WSO2 API Platform for Kubernetes (WSO2 APK), and WSO2 Micro Integrator.