API Posture Management – Common Topics We’re Asked About
2024-7-29 21:0:10 Author: securityboulevard.com(查看原文) 阅读量:1 收藏

This article is the second in a series of six covering key API security topics and provides some answers to common questions we often get when talking to potential customers. The series will cover the following topics:

  • API Discovery
  • API Posture Management (this article)
  • Attack Protection
  • API Security Testing
  • Attack Detection and Threat Hunting
  • Architecture & Deployment

API security needs are specific to individual organizations and their particular market or industry, and the Cequence Unified API Protection platform was developed with that in mind – it’s highly flexible, customizable, and built to grow with your business.

This article focuses on API posture management, which encompasses API discovery, monitoring, testing, and compliance. Proper API posture management includes assessing the organization’s APIs for a broad range of risks that can lead to compliance or governance issues, data loss, and business disruption. API posture management is the primary purpose of API Sentinel, a foundational component of the Cequence Unified API Protection platform. API Sentinel performs many key API posture management functions, including:

  • API discovery & inventory
  • Generation of API definitions/specs
  • API risk identification & classification
  • Sensitive data exposure detection and prevention
  • Support for common risk frameworks such as OWASP
  • API security testing

The following are some common requirements that we’ve heard voiced by potential customers:

Discover And Visualize API Dependencies

Cequence includes a graphical tool that provides actionable visualization of end-to-end API flows with an attractive, easy-to-understand interface. This capability enhances security team visibility by identifying good and bad flows and their associated volumes, , enabling personnel to quickly understand and take immediate action on any malicious activity. Unlike competitive solutions, Cequence offers single click, native mitigation for malicious traffic including logging, rate limiting, and blocking.

Sensitive Data Classification into Sets (Including Customized)

Cequence protects Fortune and Global 500 organizations across multiple industries including retail, telecommunications, and financial services, and customers including 2 of the top 3 telecoms, the largest credit card and mutual fund companies, some of the largest fashion and beauty retailers, one of the world’s largest mining companies. Cequence classifies sensitive data as needed and can be customized to meet the needs of the organization beyond standard data such as U.S. Social Security Numbers (SSN) but also vertical-specific sensitive information, e.g., credit cards numbers, IMEI, and CPNI.

Discovery Of Sensitive Data Flows

Cequence offers a Sensitive Data Exposure dashboard to quickly identify and remediate APIs and endpoints using sensitive data based on predefined (e.g., credit card numbers, social security numbers, Stacktrace codes, etc.) and customizable data patterns. Context-aware sensitive data detection using a Natural Language Processing (NLP) machine learning technique complements predefined patterns and reduces false positives by identifying sensitive data exposure using contextual clues, e.g., presence of keywords close to the actual detected value.

The results are graphically displayed in the dashboard with details such as the API source or response codes leaking the data, the pattern found, and the underlying IP address details. Notifications can be sent to development teams for rapid remediation using predefined alerts for tools such as Slack, PagerDuty, or email. Read more about Sensitive Data Exposure.

Flag Shadow, Zombie, And Orphaned Endpoints

Cequence automatically discovers and identifies shadow, zombie, and orphaned endpoints. These can include unused or dormant APIs that aren’t transacting data as well as active APIs that don’t have associated specifications. Read more about our API Discovery and Risk Classification.

API Posture Change Detection and Alerting

Cequence offers continuous monitoring of the organization’s API security posture, assessing a broad range of risks that can lead to compliance or governance issues, data loss, and business disruption. As API risk posture changes, these risk events are highlighted in the UI and exportable for additional actions.

Some of the other areas of API posture management where Cequence excels:

Discovery of sensitive data in the APIs
Automated risk scoring for API Endpoints
Ability to customize risk factors in API endpoints
Automatically generate and download OpenAPI spec from runtime
OpenAPI spec conformance analysis: runtime vs. uploaded
Per API endpoint vulnerability identification
Identify exposed APIs by external scanning
Identify exposed credentials by external scanning
Identify exposed vulnerabilities by external scanning
Identify business logic abuse

There are certainly other facets of API posture management, but these are some of the topics we hear about most frequently. Check out the other articles in this series, or our eBook, “Ten Things Your API Security Solution Must Do.

The post API Posture Management – Common Topics We’re Asked About appeared first on Cequence Security.

*** This is a Security Bloggers Network syndicated blog from Cequence Security authored by Jeff Harrell. Read the original post at: https://www.cequence.ai/blog/api-security/api-posture-management-common-topics-were-asked-about/


文章来源: https://securityboulevard.com/2024/07/api-posture-management-common-topics-were-asked-about/
如有侵权请联系:admin#unsafe.sh