Edgio announced the availability of its new API
Security solution that uses machine learning (ML) to discover and
protect enterprise Application Programming Interfaces (APIs) from
evolving threats. The latest addition to Edgio's Security platform
reduces the risk of API-specific attacks and through simple integration
with developer workflows enables strong application performance and
accelerated application release velocity.
The rapid growth of APIs used to build microservices in cloud-native
architectures has left many enterprises in the dark when it comes to
knowing where, how many, and what types of APIs they have. With multiple
teams creating their own API endpoints without shared visibility or
governance, exposed APIs can become a critical attack surface for
hackers. Edgio uses ML to inspect both application traffic patterns and
content to ensure API endpoints are discovered, managed and secured.
"Edgio's unique Global Holistic Web Protection Platform (HWPP) features,
including its dual WAAP, self-serviceability, SIEM and SOAR integration
options, real-time log delivery, and pricing model are attractive
capabilities that differentiate the company from many other market
participants," said Ying Ting Neoh, cybersecurity research analyst at
Frost & Sullivan. "The latest addition of the new Edgio API Security
solution that uses machine learning to discover and protect enterprise
APIs from evolving threats, further adds to its differentiation in the
security market."
The launch of the Edgio solution comes at a time when API abuse is on
the rise. According to the Veracode State of Software Security 2023, 74%
of applications scanned in 2023 were found to have a high severity
vulnerability.
"Our new advanced API security capabilities give customers integrated
protection at the edge, a critical feature for the modern enterprise,"
said Ajay Kapur, CTO and General Manager, Applications, at Edgio. "Built
natively into our 300+ PoP edge network, the API Security solution
provides strong protection for enterprises where and when they need it
most, without management complexity and performance degradation."
Available immediately to customers worldwide, Edgio is delivering this
service as part of its fully integrated, holistic Web Application and
API Protection (WAAP) solution for greater visibility with less
complexity, giving customers the ability to respond to threats quicker.
With its ML-powered API discovery capabilities, enterprises can easily
onboard API endpoints on the Edgio platform via OpenAPI, and enforce
encryption, API rate limiting, and other controls across identified APIs
without tedious manual processes or bolt-on solutions. This ensures
consistent security practices and mitigates the risk of unauthorized
access or data breaches from unknown or hidden API endpoints.
In addition, Edgio now offers a positive security model via API schema
validation to ensure that only API requests with the proper
specifications are allowed access while mitigating invalid API requests.
APIs rely on structured data formats, such as JSON, to communicate
information between systems. The positive security model allows
customers to verify that the data being transmitted adheres to the
defined structure and format via standard OpenAPI specs, preventing
malformed or unexpected data from causing errors or the exploitation of
security vulnerabilities i.e., SQL injection attacks. It also
prevents malicious API calls from overloading the application by
filtering them out at the point of origin.
As part of Edgio's Dual WAAP, the solution allows DevSecOps to test and
validate API schema changes in production via an additional audit
profile to lower the risk of blocking legitimate traffic and decrease
the mean time to resolution (MTTR) with faster testing. Rule changes can
be deployed across the entire network in under 60 seconds to close the
door on attackers.
"With the proliferation of APIs at the heart of today's digital world,
API sprawl is creating new challenges for businesses," said Kapur.
"Building API discovery and protection into the Edgio platform helps
organizations address their most pressing issue, without costly and
time-intensive DIY or third-party approaches. Edgio helps them discover
and manage shadow APIs, ensuring developers follow established API
management protocols, and, most critically, ensuring data privacy and
protection."