©2024 Akamai Technologies
Noname Security (now an Akamai company) is the lighthouse for my AppSec team: Now we know what to focus on. It’s a major data security tool for us. The deployment was very easy and they were true partners in the process. Now we can assess our risk in the most scientifically true way possible and control our destiny.
Nir Rothenberg, CISO, Rapyd
Rapyd is the fastest way to power local payments anywhere in the world, enabling companies across the globe to access markets quicker than ever before. By using Rapyd’s unparalleled payments network and fintech as a service platform, businesses and consumers can engage in local and cross-border transactions in any market.
The Rapyd platform is unifying fragmented payment systems worldwide by bringing together 900-plus payment methods in more than 100 countries.
Visibility into API risks and attack signals
Rapyd’s main product is its public payments API, which handles billions of dollars of transactions 24/7. Even minor instances of disruptions, fraud, or abuse could mean millions of dollars in lost revenue, significant remediation costs, and a loss of customer trust for both Rapyd and its customers.
Although Rapyd runs an active bug bounty program, significantly customized its web application firewall (WAF), and considers API security mission-critical, its APIs were a black box to its security team. They lacked granular visibility into API use and behavior, business logic was unknown, and it was difficult to identify (let alone stop) attacks in real time.
Consequently, Rapyd’s security team needed a better way to secure both its public API and its hundreds of internal APIs in a highly complex system that operates in the cloud at a global scale. This meant a purpose-built API security solution that didn’t have the visibility gaps of their existing infrastructure, which included API gateways. They specifically needed:
- A granular inventory of all their APIs
- Visibility into the API coding errors or misconfigurations that create vulnerabilities in their security posture
- Intelligently prioritized alerts so security analysts could focus on the most important risks
- Automation and integration capabilities necessary to stop attacks
Solutions to protect APIs and payment innovations
Rapyd’s CISO evaluated a number of established purpose-built API security solutions, including those from vendors with long track records. However, most fell short of providing complete API security because they lacked important capabilities, such as full packet capture for deep analysis of attacker behavior and visibility beyond traffic and anomalies in their global API security posture.
Amid a range of vendors offering some API security features, Noname Security (now an Akamai company) provided the combination of comprehensive visibility from code to production, discoverability, automation, integrations, and behavior-based anomaly detection that Rapyd needed. From their first meeting, Noname Security demonstrated an intense customer focus, level of expertise, and industry leadership.
After evaluating each vendor’s combination of product and team capabilities, Akamai emerged as the clear leader. The CISO’s team quickly deployed the Noname API Security Platform (now part of Akamai API Security) — including posture management, runtime protection, and Active Testing in one unified solution — across all their AWS regions globally.
Results
With Akamai API Security, Rapyd can protect its APIs and critical assets from cyberattacks with:
- Easy, effective, and accurate API behavioral prevention, detection, and response
- Effective resource use to proactively de-risk the environment
- Evidence of security control and demonstration of compliance
- Secure handling of sensitive data and third-party risk exposure
Rapyd can now confidently grow its global business both quickly and securely, as real data from blocked attacks and production vulnerabilities inform their development efforts and new code can be easily tested before going live. Rapyd will also have full architectural freedom to deploy Akamai API Security as fully cloud-based, fully on-premises, or any hybrid combination as needed as they continue to expand into new markets and regulatory environments.
About Rapyd
Rapyd lets you build bold. Liberate global commerce with all the tools your business needs to create payment, payout, and fintech experiences everywhere. From Fortune 500s to ambitious business and technology upstarts, our payments network and powerful fintech platform make it easy to pay suppliers and get paid by customers — locally or internationally.
With offices worldwide, including Tel Aviv, Dubai, London, Iceland, San Francisco, Miami, Hong Kong, and Singapore, we know what it takes to make cross-border commerce as easy as being next door. Rapyd simplifies payments so you can focus on building your business. To learn more about the company that is accelerating the fintech as a service revolution, visit www.rapyd.net, read their blog, or follow them on LinkedIn and X.
About Akamai
Akamai is the cybersecurity and cloud computing company that powers and protects business online. Our market-leading security solutions, superior threat intelligence, and global operations team provide defense in depth to safeguard enterprise data and applications everywhere. Akamai’s full-stack cloud computing solutions deliver performance and affordability on the world’s most distributed platform. Global enterprises trust Akamai to provide the industry-leading reliability, scale, and expertise they need to grow their business with confidence. Learn more at akamai.com and akamai.com/blog, or follow Akamai Technologies on X and LinkedIn.