Wednesday January 23, 2019 0 comments
The latest enhancements include an AI-based cloud trial, the ability to detect new types of attacks, support for Splunk environments, and additional integration with API gateways, the company said.
The lack of visibility into how APIs are consumed is becoming commonplace in today’s enterprise environment. In fact, a recent Ping Identity survey conducted among security and IT professionals reveals that 45% of respondents aren’t confident in their organization’s ability to detect whether a bad actor is accessing their APIs.
Fifty-one percent aren't even assured their security team knows about all of the APIs that exist in the organization. This data illustrates that the people trusted with securing APIs don’t have enough visibility into their activity to identify abuses and attacks, which has contributed to why recent API attacks were not discovered for months.
Ping said in its latest product update of PingIntelligence for APIs, three important capabilities make protecting APIs, and the data and applications they expose, even more achievable:
- AI-Based Cloud Trial for Evaluation
PingIntelligence for APIs uses AI and machine learning methods to detect, block and report attacks, as well as deliver detailed traffic information for deep visibility into all API activity—which helps secure APIs and the digital assets they connect. To make it easier for organizations to experience this for themselves, Ping now provides a cloud-based intelligence trial.
- Stronger Security by Detecting New Types of Attacks
While traditional enterprise security solutions aren’t designed to protect against attacks targeting the unique vulnerabilities APIs present, PingIntelligence for APIs fills these security gaps by detecting, reporting and blocking anomalous behavior and attacks on each API under its watch. These include attacks on login systems, data theft, remote application control, API-specific DoS/DDoS attacks, stolen credential attacks and more. This update now extends the ability of PingIntelligence for APIs to stop additional threats, such as data exfiltration over extended periods of time, content scraping, and slow login attacks, along with delivering improved bot detection. In addition, this release supports sending threat information to Splunk environments, thereby enabling teams to consolidate attack information across their full security spectrum.
- Broadened Security Coverage by Integrating with More API Gateways
PingIntelligence for APIs enhances the security provided by any API gateway by bringing in AI-based threat detection and blocking to their environments. Adding to its current integrations with PingAccess and Axway AMPLIFY, the Ping solution now integrates with the Apigee Edge platform.
“Ping is helping some of the world’s largest organizations protect against an ever-diversifying landscape of cybersecurity threats, including those against API infrastructures,” said Bernard Harguindeguy, Ping CTO.
“Many of the recent API abuses and attacks took months and years to detect, further reinforcing the need for IT leaders to build API-security focused teams.
“As evidenced by the new advancements to our PingIntelligence for APIs solution, we’re committed to delivering even more leading-edge technology to protect our customers’ API infrastructures against these emerging threats.”