aster.cloud aster.cloud
  • /
  • Platforms
    • Public Cloud
    • On-Premise
    • Hybrid Cloud
    • Data
  • Architecture
    • Design
    • Solutions
    • Enterprise
  • Engineering
    • Automation
    • Software Engineering
    • Project Management
    • DevOps
  • Programming
  • Tools
  • About
  • /
  • Platforms
    • Public Cloud
    • On-Premise
    • Hybrid Cloud
    • Data
  • Architecture
    • Design
    • Solutions
    • Enterprise
  • Engineering
    • Automation
    • Software Engineering
    • Project Management
    • DevOps
  • Programming
  • Tools
  • About
aster.cloud aster.cloud
  • /
  • Platforms
    • Public Cloud
    • On-Premise
    • Hybrid Cloud
    • Data
  • Architecture
    • Design
    • Solutions
    • Enterprise
  • Engineering
    • Automation
    • Software Engineering
    • Project Management
    • DevOps
  • Programming
  • Tools
  • About
  • Engineering

Announcing Apigee Advanced API Security For Google Cloud

  • aster_cloud
  • July 15, 2022
  • 4 minute read

Organizations in every region and industry are developing APIs to enable easier and more standardized delivery of services and data for digital experiences. This increasing shift to digital experiences has grown API usage and traffic volumes. However, as malicious API attacks also have grown, API security has become an important battleground over business risk.

To help customers more easily address their growing API security needs, Google Cloud is announcing today the Preview of Advanced API Security, a comprehensive set of API security capabilities built on Apigee, our API management platform. Advanced API Security enables organizations to more easily detect security threats. Here’s a closer look at the two key functionality included in this launch: identifying API misconfigurations and detecting bots.


Partner with aster.cloud
for your next big idea.
Let us know here.


cyberpogo

Identify API misconfigurations

Misconfigured APIs are one of the leading reasons for API security incidents. In 2017, Gartner® predicted that by 2022 API abuses will be the most frequent attack vector resulting in data breaches for enterprise web applications. Today, our customers tell us application API security is one of their top concerns, which is supported by an independent study from 2021 by Fugue and Sonatype. The report found that misconfigurations are the number one cause of data breaches, and that “too many cloud APIs and interfaces to adequately govern” are frequently the main point of attack in cyberattacks.

While identifying and resolving API misconfigurations is a top priority for many organizations, the configuration management process can be time consuming and require considerable resources.

Advanced API Security can make it easier for API teams to identify API proxies that do not conform to security standards. To help identify APIs that are misconfigured or experiencing abuse, Advanced API Security regularly assesses managed APIs and provides API teams with a recommended action when configuration issues are detected.

Read More  Efficient GRC With Cybersecurity Tooling
Advanced API Security identifies misconfigured API proxies, including the missing CORS policy.

 

APIs form an integral part of the digital connective tissue that make modern medicine run smoothly for patients and healthcare staff. One common healthcare API use case occurs when a healthcare organization inputs a patient’s medical coverage information into a system that works with insurance companies. Almost instantly, that system determines the patient’s coverage for a specific medication or procedure, a process which is enabled by APIs. Because of the often-sensitive personal healthcare data being transmitted, it is important that the required authentication and authorization policies are implemented so that only authorized users, such as an insurance company, can access the API.

Advanced API Security can detect if those required policies have not been applied, an alert which can help reduce the surface area of API security risks. By leveraging Advanced API Security, API teams at healthcare organizations can more easily detect misconfiguration issues and can reduce security risks to sensitive information.

Detect Bots

Because of the increasing volume of API traffic, there is also an increase in cybercrime in the form of API bot attacks—the automated software programs deployed over the Internet for malicious purposes like identity theft.

Advanced API Security uses pre-configured rules to help provide API teams an easier way to identify malicious bots within API traffic. Each rule represents a different type of unusual traffic from a single IP address. If an API traffic pattern meets any of the rules, Advanced API Security reports it as a bot.

Additionally, Advanced API Security can speed up the process of identifying data breaches by identifying bots that successfully resulted in the HTTP 200 OK success status response code.

Read More  How To Help Ensure Smooth Shift Handoffs In Security Operations
Advanced API Security helps visualize Bot traffic per API proxy.

 

Financial services APIs are frequently the target of malicious bot attacks due to the high-value data that is processed. A bank that has adopted open banking standards by making APIs accessible to customers and partners can use Advanced API Security to make it easier to analyze traffic patterns and identify the sources of malicious traffic. You may experience this when your bank allows you to access your data with a third-party application. While a malicious hacker could try to use a bot to access this information, Advanced API Security can help the bank’s API team to identify and stop malicious bot activity in API traffic.

API Security at Equinix

Equinix powers the world’s digital leaders, bringing together and interconnecting infrastructure to fast-track digital advantage. Operating a global network of more than 240 data centers with a 99.999% or greater uptime, Equinix simplifies global interconnections for organizations, saving customers time and effort with the Apigee API management platform.

“A key enabler of our success is Google’s Apigee, delivering digital infrastructure services securely and quickly to our customers and partners,” said Yun Freund, senior vice president of Platform at Equinix. “Security is a key pillar to our API-first strategy and Apigee has been instrumental in enabling our customers to securely bridge the connections they need for their businesses to easily identify potential security risks and mitigate threats in a timely fashion. As our API traffic has grown, so has the amount of time and effort required to secure our APIs. Having a bundled solution in one managed platform gives us a differentiated high-performing solution.”

Read More  Nokia And Google Cloud Sign Strategic Collaboration To Transform Nokia’s Digital Infrastructure

Getting started

To learn more, check out the documentation or contact us to request access to get started with Advanced API Security.

To learn more about API security best practices, please register to attend our Cloud OnAir webcast on Thursday, July 28th, 2:00 pm PT.


Gartner, API Security: What You Need to Do to Protect Your APIs, Mark O’Neill, Dionisio Zumerle, Jeremy D’Hoinne, 28 August 2019

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

 

 

By: Vikas Anand (Director of Product, Google Cloud)
Source: Google Cloud Blog


Our humans need coffee too! Your support is highly appreciated, thank you!

aster_cloud

Related Topics
  • API
  • Apigee
  • Equinix
  • Google Cloud
  • Identity
  • Security
You May Also Like
View Post
  • Computing
  • Design
  • Engineering
  • Multi-Cloud

Amazing Federated Multicloud Apps

  • June 2, 2023
View Post
  • Engineering

Resolving Deployment Issues With Ts-node And Azure Development Pipelines

  • June 1, 2023
View Post
  • Design
  • Engineering

Four Steps To Managing Your Cloud Logging Costs On A Budget

  • May 31, 2023
View Post
  • Engineering
  • Tools

Red Hat Puts Podman Container Management On The Desktop

  • May 30, 2023
View Post
  • Engineering
  • Practices
  • Tools

Tricentis Launches Quality Engineering Community ShiftSync

  • May 23, 2023
View Post
  • Design
  • Engineering
  • Public Cloud

Kubernetes Costs Less, But Less Than What?

  • May 18, 2023
View Post
  • Engineering
  • People
  • Platforms

KubeCon Europe 2023 Highlights Kubernetes Explosion And Need For Instant Platform Engineering

  • May 17, 2023
View Post
  • Computing
  • Engineering

Component-Based Development Has Been A Long Time Coming

  • May 16, 2023

Stay Connected!
LATEST
  • 1
    Amazing Federated Multicloud Apps
    • June 2, 2023
  • 2
    What’s The Future Of DevOps? You Tell Us. Take The 2023 Accelerate State Of DevOps Survey
    • June 2, 2023
  • 3
    Resolving Deployment Issues With Ts-node And Azure Development Pipelines
    • June 1, 2023
  • 4
    What To Expect From Apple’s WWDC 2023
    • June 1, 2023
  • 5
    What Is Platform Engineering And Why Adopt It In Your Company?
    • June 1, 2023
  • 6
    Four Steps To Managing Your Cloud Logging Costs On A Budget
    • May 31, 2023
  • 7
    Red Hat Puts Podman Container Management On The Desktop
    • May 30, 2023
  • 8
    The Agile Mindset: A Path to Personal Fulfillment and Growth
    • May 30, 2023
  • 9
    G7 2023: The Real Threat To The World Order Is Hypocrisy.
    • May 27, 2023
  • 10
    Build Next-Generation, AI-Powered Applications On Microsoft Azure
    • May 26, 2023
about
Hello World!

We are aster.cloud. We’re created by programmers for programmers.

Our site aims to provide guides, programming tips, reviews, and interesting materials for tech people and those who want to learn in general.

We would like to hear from you.

If you have any feedback, enquiries, or sponsorship request, kindly reach out to us at:

[email protected]
Most Popular
  • 1
    Huawei OceanStor Pacific Scale-Out Storage Tops IO500 Rankings
    • May 26, 2023
  • 2
    MongoDB And Alibaba Cloud Extend Global Partnership
    • May 25, 2023
  • 3
    Tricentis Launches Quality Engineering Community ShiftSync
    • May 23, 2023
  • 4
    Oracle Cloud Infrastructure Adds To Growing List Of Government Approved Cloud Services
    • May 22, 2023
  • 5
    Huawei And Partners Announce Yucatan Wildlife Conservation Findings
    • May 18, 2023
  • /
  • Technology
  • Tools
  • About
  • Contact Us

Input your search keywords and press Enter.