API safety vendor Noname Safety at this time introduced a brand new launch of its platform, with numerous upgrades designed to reinforce visibility right into a consumer’s API setting and shield in opposition to the rising variety of API-based threats.
The expansion within the variety of these threats has been fueled by the growing centrality of APIs to fashionable enterprise computing, Noname said in a press release. The corporate cited a latest report from IBM as saying that as many as two thirds of all incidents analyzed by IBM’s X-Drive safety workforce concerned unsecured APIs.
Noname’s newest updates cowl a variety of recent capabilities, together with personalized discovery, Kubernetes options, simplified onboarding and extra. The concept, in line with the corporate, is to enhance the answer’s protection and permit it to work extra rapidly to find potential vulnerabilities.
“APIs are the connective tissue for the digital world,” stated co-founder and CTO Shay Levi, in an announcement.
Visibility and discovery key to API safety
The updates, as an entire, are well-designed to focus on an important elements of the broader API safety concern, in line with Forrester principal analyst Sandy Carielli. Visibility and discovery, for example, are nonetheless a significant problem to many organizations. “A lot of firms don’t have a way of what APIs are of their environments or what knowledge is getting used,” she stated. “Any tooling enhancements that add context to the invention course of, which this announcement talks about, I believe will likely be excellent news for the organizations struggling to know what they’ve.”
A part of the issue that improved visibility makes an attempt to unravel is the presence of zombie APIs – that are APIs which were depreciated or forgotten and aren’t in energetic use, however are nonetheless current on an organization’s methods – and rogue APIs, which might be used to supply again doorways into vital subsystems.
Testing APIs for vulnerabilities
Testing, in line with Carielli, is the opposite a part of the API safety panorama that’s successfully addressed by Noname’s newest updates. Testing APIs for vulnerabilities will be time consuming primarily based on the truth that they’re often not built-in in to growth pipelines – in addition to the aforementioned indisputable fact that there are more and more giant numbers of them current on the common firm’s methods.
“What jumps out to me about [Noname’s announcement] is the concept of leaving no API untested,” she stated. “They’re wanting not simply on the tech however on the enterprise logic features of APIs.”
The brand new options can be found now, and no pricing adjustments have been introduced.
Copyright © 2023 IDG Communications, Inc.