Need cloud computing? Get started now

PRESS RELEASE

Akamai Announces API Security Product to Protect APIs From Business Abuse and Data Theft

Cambridge, MA USA | August 02, 2023

Share

Akamai Technologies, Inc. (NASDAQ: AKAM), the cloud company that powers and protects life online, today announced the availability of API Security, a product that stops application programming interface (API) attacks and detects business logic abuse inside APIs. In addition, Akamai’s API Security discovers, audits and monitors API activity using behavioral analytics to rapidly respond to threats and abuse.

API security has become a critical concern for organizations as API attacks continue to grow. A recent State of the Internet report by Akamai noted that 2022 was a record year for application and API attacks. Once an API has been authorized by a web application and API protection (WAAP) product, security teams have no visibility into its use within the organization. Malicious actors are aware of this blind spot and have shifted to abusing the vast API attack surface.

Akamai’s stand-alone API Security solution is a result of Akamai’s acquisition of Neosec, announced in April of this year. It works with any API gateway, WAAP or cloud implementation. Akamai customers can also take advantage of edge connector, an integration that saves the time, energy, and cost of product integration with the click of a button.

The API Security product provides complete visibility into API activity, uses behavioral analytics to detect complex threats and improves detections by analyzing historical data uniquely stored in a data lake. The offering delivers API discovery, visibility and risk auditing combined with detection and response capabilities that enable full investigation and threat hunting. With API Security’s differentiating Shadow Hunt threat hunting managed service, machine learning signals are delivered to human analysts for investigation. Users can see their APIs, which means they can ensure protection by recording API activity, detecting any possible breaches and keeping customer data safe.

“Akamai’s API Security helps us with discovering and monitoring our critical APIs for all applications,” said Stan Lee, CISO of Earnin, a financial technology company. “It helps us to improve compliance and risk management while enabling business process agility and outcomes.”

“Recent breaches have painfully revealed the necessity of API security solutions. Preventing API-based attacks by guarding endpoints and checking credentials is no longer sufficient,” said Rupesh Chokshi, Senior Vice President and General Manager, Application Security at Akamai. “Akamai’s API Security gives organizations the ability to monitor API behavior in any platform or gateway to ensure that business processes are running smoothly and securely.”

Forrester Research recently noted the importance of API security in light of recent attacks. “API security is the hot app-sec tool of 2023. APIs made front-page news in 2022 when 9.8 million Optus customers had personal information stolen and ransomed due to a publicly exposed API that did not require authentication. Optus wasn’t the only one: Twitter, T-Mobile, and a law enforcement app all had API vulnerabilities that exposed data. The good news is that global security decision-makers reported that API security adoption rose from 2020 to 2022 and shows no signs of slowing. Use your increased security budget to inventory and secure your APIs.” (The State of Application Security, 2023, Forrester Research, Inc., June 7, 2023)

API Security complements Akamai’s existing App & API Protector (AAP) solution. Together, they deliver the most comprehensive global protection, combining enterprise-wide visibility, behavioral analysis of API activity and prevention of attacks and abuse. This joint strategy enables:

  • Broader discovery to see APIs on and off the Akamai content delivery network
  • Layered detections that are both signature-based and behavioral.
  • Customized responses to block threats in-line or remediate issues.
  • All of these protections benefit from easy deployment in one control center. Plus, they “check the box” on both OWASP Top 10 vulnerability lists and ensure access to API threat hunting expertise.

Akamai executives will be pleased to discuss API Security at the 2023 Black Hat USA event in Las Vegas on August 9-10. Please stop by the Akamai booth at #2420.

About Akamai

Akamai is the cybersecurity and cloud computing company that powers and protects business online. Our market-leading security solutions, superior threat intelligence, and global operations team provide defense in depth to safeguard enterprise data and applications everywhere. Akamai’s full-stack cloud computing solutions deliver performance and affordability on the world’s most distributed platform. Global enterprises trust Akamai to provide the industry-leading reliability, scale, and expertise they need to grow their business with confidence. Learn more at akamai.com and akamai.com/blog, or follow Akamai Technologies on X and LinkedIn.