Traceable AI, an API security and observability company, recently announced enhanced capabilities to address specific API attacks, including API abuse and misuse, fraud and malicious API bots.
Application programming interfaces (APIs) can facilitate a new level of business innovation, with many organizations deploying hundreds or thousands of APIs.
Yet, many organizations’ API security measures are still in their early phases of development, and they have not yet put adequate security measures in place. In fact, Gartner predicted APIs would be the most common method of attack for cloud systems in 2022.
The company says that to address API-based attacks, Traceable AI’s updated platform includes many security and fraud mitigation features. For example, the platform’s new capabilities enable organizations to identify, stop, and eliminate sophisticated API attacks. In turn, companies can safeguard their data, finances and reputation.
“APIs are the largest attack vector for data loss, business logic abuse and fraud in nearly every industry,” stated CTO and co-founder of Traceable AI, Sanjay Nagaraj. “Organizations are seeing more APIs being abused for account takeovers, manipulating inventory or prices, fraud in referral or digital payments, or exfiltrating sensitive data such as social security numbers and banking information. These have serious consequences from a compliance standpoint and a negative financial and brand impact.”
The updated platform features include:
- The platform allows organizations to keep track of volumes of sensitive information flowing between APIs over time. It also can categorize users who use APIs to access data (e.g., partners, data owners).
- Security and compliance teams can build customizable data sets to improve data protection and compliance capabilities.
- Organizations can detect threats more accurately with various sensors, including geolocation, Tor, botnet, proxy, and malicious bots (e.g., spam, scraper, botnet).
- Other features include the ability to correlate with account takeover increases or excessive login attempts and fraud detection for data related to loyalty points, gift cards, free credits, and related areas.
- Users can set up a baseline of API sequences and user behavior to identify fraudulent activity.
“We recognize how important it is to prevent abuse and fraudulent activities via API’s and continue to innovate our API Security Platform,” Nagaraj said. “These latest platform updates better arm organizations against these types of malicious threats.”
Edge computing is based on the premise of being open and programmable. APIs are a significant part of an edge and cloud computing infrastructure; as a result, API security is paramount when considering larger edge applications.
Thus, as API attacks become more common, organizations must have a platform that can provide visibility and traceability to these types of attacks.
Traceable AI’s additions to its platform may be quite valuable for businesses confronted with specific types of API attacks. For example, the technology is claimed to allow companies to detect abnormalities more swiftly and block API assaults. Additionally, setting up a baseline of API sequences and user behavior may enable organizations to see fraudulent activity more accurately.
API | application management | DevOps | observability | security | Traceable AI