Cequence Security Enhances API Security Testing Capabilities
February 06, 2023

Cequence Security has enhanced the testing capabilities within its Unified API Protection Platform with the availability of API Security Testing.

This API Security Testing framework encourages shift-left efforts by giving security and development teams the tools to quickly uncover and remediate API vulnerabilities in pre-production environments that could otherwise lead to business disruption in production.

With API Security Testing, security and development teams can integrate continuous and automated testing of their pre-production APIs into their development and release cycle. For scenarios where no API specifications exist, security teams can leverage real-time API traffic analysis to baseline API specifications based on runtime traffic, eliminating the need to search for owners of legacy APIs or create specifications from scratch.

“Driven by the rapid rise in API exploits caused by coding errors, security and development teams are looking at ways to improve their API testing efforts without jeopardizing their continuous development release cycles,” said Varun Kohli, CMO at Cequence Security. “API Security Testing complements our runtime compliance capabilities that detect security risks such as business logic abuse and OWASP API Top 10 risks in production APIs. With API Security Testing, teams can apply the same compliance and security checks to their build processes to detect compliance issues earlier in the development cycle for pre-production APIs.”

Key capabilities of the new offering include:

- Continuous integration (CI)/Continuous development (CD) and Collaboration Tools Integration: Integrates with CI/CD tools like Gitlab, Azure DevOps, Jenkins and Bamboo, allowing developers to run tests against their pre-production APIs to detect and report security risks.

- Visualize Results and Remediate Test Failures: Security and development teams can visualize results and drill down into details to quickly understand the compliance issues identified in pre-production APIs. Summary reports allow results to be exported and shared with API owners and development teams for quick remediation and re-execution of tests.

- Comprehensive OWASP API Top 10 Risk Detection: Detects security risks including the OWASP API Top 10 and business logic risks, including introduction of shadow APIs and sensitive data exposure. Administrators can define customized sensitive data exposure and custom risk categories for different groups of APIs based on the vertical. For example, retail customers can create policies configured to look explicitly for credit card numbers, while automotive customers can monitor and prevent exposure of vehicle identification numbers.

API Security Testing is part of the Cequence Unified API Protection solution and leverages an open, extensible architecture to seamlessly integrate into existing API protection infrastructure.

Share this

Industry News

November 26, 2024

Check Point® Software Technologies Ltd. has been recognized as a Leader and Fast Mover in the latest GigaOm Radar Report for Cloud-Native Application Protection Platforms (CNAPPs).

November 26, 2024

Spectro Cloud, provider of the award-winning Palette Edge™ Kubernetes management platform, announced a new integrated edge in a box solution featuring the Hewlett Packard Enterprise (HPE) ProLiant DL145 Gen11 server to help organizations deploy, secure, and manage demanding applications for diverse edge locations.

November 26, 2024

Red Hat announced the availability of Red Hat JBoss Enterprise Application Platform (JBoss EAP) 8 on Microsoft Azure.

November 26, 2024

Launchable by CloudBees is now available on AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).

November 26, 2024

Kong closed a $175 million in up-round Series E financing, with a mix of primary and secondary transactions at a $2 billion valuation.

November 26, 2024

Tricentis announced that GTCR, a private equity firm, has signed a definitive agreement to invest $1.33 billion in the company, valuing the enterprise at $4.5 billion and further fueling Tricentis for future growth and innovation.

November 25, 2024

Sonatype and OpenText are partnering to offer a single integrated solution that combines open-source and custom code security, making finding and fixing vulnerabilities faster than ever.

November 25, 2024

Red Hat announced an extended collaboration with Microsoft to streamline and scale artificial intelligence (AI) and generative AI (gen AI) deployments in the cloud.

November 25, 2024

Endor Labs announced that Microsoft has natively integrated its advanced SCA capabilities within Microsoft Defender for Cloud, a Cloud-Native Application Protection Platform (CNAPP).

November 21, 2024

Red Hat announced the general availability of Red Hat Enterprise Linux 9.5, the latest version of the enterprise Linux platform.

November 21, 2024

Securiti announced a new solution - Security for AI Copilots in SaaS apps.

November 20, 2024

Spectro Cloud completed a $75 million Series C funding round led by Growth Equity at Goldman Sachs Alternatives with participation from existing Spectro Cloud investors.