Platform-integrated advanced API discovery and positive API security model applies machine learning to mitigate the risk of data breaches
Edgio (NASDAQ:EGIO), the platform of choice for speed, security, and simplicity at the edge, today announced the availability of its new API Security solution that uses machine learning (ML) to discover and protect enterprise Application Programming Interfaces (APIs) from evolving threats. The latest addition to Edgio’s Security platform reduces the risk of API-specific attacks and through simple integration with developer workflows enables strong application performance and accelerated application release velocity.
The rapid growth of APIs used to build microservices in cloud-native architectures has left many enterprises in the dark when it comes to knowing where, how many, and what types of APIs they have. With multiple teams creating their own API endpoints without shared visibility or governance, exposed APIs can become a critical attack surface for hackers. Edgio uses ML to inspect both application traffic patterns and content to ensure API endpoints are discovered, managed and secured.
"Edgio’s unique Global Holistic Web Protection Platform (HWPP) features, including its dual WAAP, self-serviceability, SIEM and SOAR integration options, real-time log delivery, and pricing model are attractive capabilities that differentiate the company from many other market participants,” said Ying Ting Neoh, cybersecurity research analyst at Frost & Sullivan. “The latest addition of the new Edgio API Security solution that uses machine learning to discover and protect enterprise APIs from evolving threats, further adds to its differentiation in the security market.”
The launch of the Edgio solution comes at a time when API abuse is on the rise. According to the Veracode State of Software Security 2023, 74% of applications scanned in 2023 were found to have a high severity vulnerability.
“Our new advanced API security capabilities give customers integrated protection at the edge, a critical feature for the modern enterprise,” said Ajay Kapur, CTO and General Manager, Applications, at Edgio. “Built natively into our 300+ PoP edge network, the API Security solution provides strong protection for enterprises where and when they need it most, without management complexity and performance degradation.”
Available immediately to customers worldwide, Edgio is delivering this service as part of its fully integrated, holistic Web Application and API Protection (WAAP) solution for greater visibility with less complexity, giving customers the ability to respond to threats quicker. With its ML-powered API discovery capabilities, enterprises can easily onboard API endpoints on the Edgio platform via OpenAPI, and enforce encryption, API rate limiting, and other controls across identified APIs without tedious manual processes or bolt-on solutions. This ensures consistent security practices and mitigates the risk of unauthorized access or data breaches from unknown or hidden API endpoints.
In addition, Edgio now offers a positive security model via API schema validation to ensure that only API requests with the proper specifications are allowed access while mitigating invalid API requests. APIs rely on structured data formats, such as JSON, to communicate information between systems. The positive security model allows customers to verify that the data being transmitted adheres to the defined structure and format via standard OpenAPI specs, preventing malformed or unexpected data from causing errors or the exploitation of security vulnerabilities i.e., SQL injection attacks. It also prevents malicious API calls from overloading the application by filtering them out at the point of origin.
As part of Edgio’s Dual WAAP, the solution allows DevSecOps to test and validate API schema changes in production via an additional audit profile to lower the risk of blocking legitimate traffic and decrease the mean time to resolution (MTTR) with faster testing. Rule changes can be deployed across the entire network in under 60 seconds to close the door on attackers.
“With the proliferation of APIs at the heart of today’s digital world, API sprawl is creating new challenges for businesses,” said Kapur. “Building API discovery and protection into the Edgio platform helps organizations address their most pressing issue, without costly and time-intensive DIY or third-party approaches. Edgio helps them discover and manage shadow APIs, ensuring developers follow established API management protocols, and, most critically, ensuring data privacy and protection.”
Edgio (NASDAQ: EGIO) helps companies deliver online experiences and content faster, safer, and with more control. Our developer-friendly, globally scaled edge network, combined with our fully integrated application and media solutions, provide a single platform for the delivery of high-performing, secure web properties and streaming content. Through this fully integrated platform and end-to-end edge services, companies can deliver content quicker and more securely, boosting overall revenue and business value. To learn more, visit edg.io and follow us on Twitter, LinkedIn and Facebook.
Sally Winship Comollo