DEVOPSdigest

Cequence Security announced the launch of its new API Security Assessment Services.

Designed to provide immediate, actionable insights into API security risks, these time-bound and fixed services leverage Cequence’s advanced Unified API Protection platform, enabling companies to quickly identify and address security gaps within their existing infrastructure.

Cequence’s assessment services provide a clear and comprehensive view of an organization’s API environment, helping identify hidden risks and comply with internal governance and external regulatory requirements. With quick, SaaS-based onboarding, organizations can easily access vital API protection and benefit from continuous threat detection, machine-learning-powered insights, and actionable recommendations that reinforce API security.

“Our API security and bot assessment services are designed to empower organizations with the insights they need to safeguard their digital assets,” said Anil Pochiraju, VP of Customer Success at Cequence. “In today’s threat landscape, it’s no longer enough to simply monitor for attacks; organizations must actively identify and remediate vulnerabilities within their API landscape. Our service provides a comprehensive view of API-based risks, enabling our clients to take informed action.”

Key Features of Cequence’s API Security Assessment Services:

- API Attack Surface Discovery: Discovers the attack surface for a domain and provides visibility into externally accessible API hosts, where APIs are deployed (e.g., cloud IaaS), and how they are protected (by CDNs, Gateways, WAFs, etc.). Edge, infrastructure, and application providers are also discovered and inventoried.

- API Inventory & Risk: Inventories all known and unknown, internal, external, and third-party APIs, generates OpenAPI specifications for APIs where none exist, analyzes OWASP API Top 10 findings, and makes recommendations to mitigate high-risk findings.

- API Sensitive Data Exposure: Identifies sensitive unencrypted data using ML-based rules with predefined (e.g., credit card and social security numbers) and customizable data patterns. Discovers and assesses API vulnerabilities that could lead to sensitive data exposure.

- API Security Testing: Performs comprehensive testing to uncover API coding errors and vulnerabilities such as Broken Authentication and Authorization, Insufficient Logging and Monitoring, Insecure Data Exposure, and Broken Object-Level Authorization, and generates test plans for up to three high-value, non-production APIs.

- API Threat Protection: Monitors up to three hosts to detect and assess potential threats to applications and APIs through an easy, passive deployment that doesn’t impact existing infrastructure.

Organizations leveraging Cequence’s assessment services can expect faster identification of potential vulnerabilities, along with detailed reports that document findings and recommend actionable steps for remediation. The assessments not only enhance security but also facilitate a culture of continuous improvement within development and operational teams.

“API security is not just a technical challenge; it’s a business imperative,” added Anil Pochiraju. “Our assessment services provide a clear roadmap for organizations to enhance their API security posture, mitigate risks, and ultimately protect their customers’ sensitive data. We are proud to be at the forefront of this critical initiative.”

This service not only addresses the immediate need to identify API-based vulnerabilities, but also offers opportunities for partners to collaborate with Cequence in providing these assessment capabilities to their customers.