GitLab announced the general availability of GitLab Duo with Amazon Q.
ThreatX unveiled new capabilities designed to strengthen API security.
These new capabilities will provide customers with deeper insight into the scope of API attacks, more fully visualize the API attack surfaces and identify API schema compliance gaps that attackers can exploit.
ThreatX applies a combination of artificial intelligence and machine learning to detect even the slightest indicators of suspicious activity. Unlike post-attack API anomaly detection tools that require offline data analysis, ThreatX builds risk profiles of attackers over time, enabling it to identify and stop even the most complex threats in real-time.
“To get API protection right, it is imperative that organizations have a clear view of their API attack surface and API schemas. Additionally, it is equally important that they can assess attacks against APIs as compared to traditional web apps,” said Tom Hickman, Chief Innovation Officer at ThreatX. “I am extremely proud of the work that the ThreatX product and engineering team has done to deliver these unique and important capabilities to our customers.”
ThreatX has now added the following capabilities:
- API Schema Compliance: ThreatX’s API schema compliance capabilities will allow customers to centrally manage OpenAPI 3.0 schemas for the API endpoints ThreatX discovers and protects. This enables organizations to compare API traffic to specifications to determine whether compliance gaps exist so they can work to mitigate them. In addition, ThreatX’s real-time discovery capabilities shine a spotlight on API endpoints that may be out of the view of security and development teams, such as zombie and rogue APIs. Overall, these capabilities give customers a holistic and clear picture of their API attack surface, along with an understanding of when and where APIs are being managed appropriately.
- API Dashboard: ThreatX’s new API Dashboard details API endpoint usage and how it compares to expected behavior, as defined in the schema. Users can build custom schemas for APIs that are outdated or even those that have no schemas available. The dashboard is geared towards identifying key indicators of an attack and potential vulnerabilities. ThreatX’s dashboards make it easier than ever for organizations to drill into the finer points of API attacks. With a comprehensive set of data available, customers can quickly take responsive actions, such as enabling automatic blocking, establishing geo-fencing to block traffic from parts of the globe where there should not be clients, or tarpitting attacks to prevent overconsumption of backend resources.
“When speaking with both our customers and prospects, it’s become clear to us that many of today’s solutions, such as API Gateways, aren’t designed to protect APIs against the sophisticated, multi-mode attacks that have become commonplace,” said Bret Settle, Chief Strategy Officer at ThreatX. “By delivering these new capabilities directly within the ThreatX platform, our customers will be able to leverage a single solution that gives them the unique ability to both identify and stop attacks in real time.”
ThreatX’s new capabilities provide customers with enhanced protection against these threats, including DDoS, botnet and multi-mode attacks.
Industry News
Perforce Software and Liquibase announced a strategic partnership to enhance secure and compliant database change management for DevOps teams.
Spacelift announced the launch of Saturnhead AI — an enterprise-grade AI assistant that slashes DevOps troubleshooting time by transforming complex infrastructure logs into clear, actionable explanations.
CodeSecure and FOSSA announced a strategic partnership and native product integration that enables organizations to eliminate security blindspots associated with both third party and open source code.
Bauplan, a Python-first serverless data platform that transforms complex infrastructure processes into a few lines of code over data lakes, announced its launch with $7.5 million in seed funding.
Perforce Software announced the launch of the Kafka Service Bundle, a new offering that provides enterprises with managed open source Apache Kafka at a fraction of the cost of traditional managed providers.
LambdaTest announced the launch of the HyperExecute MCP Server, an enhancement to its AI-native test orchestration platform, HyperExecute.
Cloudflare announced Workers VPC and Workers VPC Private Link, new solutions that enable developers to build secure, global cross-cloud applications on Cloudflare Workers.
Nutrient announced a significant expansion of its cloud-based services, as well as a series of updates to its SDK products, aimed at enhancing the developer experience by allowing developers to build, scale, and innovate with less friction.
Check Point® Software Technologies Ltd.(link is external) announced that its Infinity Platform has been named the top-ranked AI-powered cyber security platform in the 2025 Miercom Assessment.
Orca Security announced the Orca Bitbucket App, a cloud-native seamless integration for scanning Bitbucket Repositories.
The Live API for Gemini models is now in Preview, enabling developers to start building and testing more robust, scalable applications with significantly higher rate limits.
Backslash Security(link is external) announced significant adoption of the Backslash App Graph, the industry’s first dynamic digital twin for application code.
SmartBear launched API Hub for Test, a new capability within the company’s API Hub, powered by Swagger.
Akamai Technologies introduced App & API Protector Hybrid.