CFOtech Australia logo
Technology news for Australian CFOs and financial decision-makers
Partner content
Story image

Industry-first comprehensive risk-based API security enhances protection

By Zach Thompson
Wed 22 Jun 2022

Application Programming Interfaces (APIs) have become a crucial part of operating web and mobile application businesses and are causing significant economic growth in the digital sector.

APIs have benefits like allowing an application’s clients to interact with its server or affording two applications the means to interact with each other, such as in the case of machine-to-machine communication.

But these benefits are also a problem, as APIs are generally publicly available, and well documented, and reverse-engineering them is straightforward, which is precisely how they’ve become the primary attack surface that hackers set their sights on.

As businesses increase their reliance on APIs, the need for API security is only going to grow as well.

The key to ensuring robust API security is putting in place strategies and procedures to manage vulnerabilities and security threats to the API.

While at its core, it centres around three broad security areas (application security, network security, and information security), it also factors in security issues such as validating content, controlling access, limiting rates, monitoring and analytics, throttling, data security and identity-based security.

API security is all the more important because APIs can be used to transfer sensitive data.

Securing these platforms guarantees that messages remain confidential by only making them available to applications, users, and servers with proper permissions to access them.

It also ensures the integrity of the content by preventing the message from having any opportunity to be altered after it has been transmitted.

In response to the growing demand for a solution, Indusface has released a new offering through the AppTrana platform, API Protection, which is a game-changer for the way organisations protect their most critical infrastructure.

Changing the way businesses protect vital assets

AppTrana’s API Protection is focused on two key areas: risk-based fully managed security and making this security -unique to API protection.

AppTrana’s approach and dedication to ensuring businesses can have straightforward protection have earned it significant praise in the industry, with Gartner ranking it as a customers’ choice in every segment of its Voice of the Customer report for 2022.

The API Protection module builds on everything Indusface stands for with its AppTrana offering, providing customers with exactly what they need to proactively prevent cyber attacks and keep their businesses running smoothly.

This includes ways to easily understand the risk posture of their APIs, API-specific rules created to explicitly protect against OWASP Top 10 API vulnerabilities, and protection based on behaviour to defend against DDoS attacks and BOT attacks.

In addition, AppTrana’s latest offering will analyse swagger (OpenAPI 2.0) files and give customers positive security for APIs by creating automated positive security policies as well as offer visibility into API traffic patterns and enable customers to discover shadow APIs.

Taking it a step further, API Protection will also accurately give users a real-time view of the vulnerabilities blocked by API-specific rules, positive security policies, custom rules and rules that need fixes in the application.

What makes AppTrana’s risk-based approach for APIs is that it uses postman files.

Users can test a range of security checks on web applications, but APIs require a more complex solution.

Indusface has designed API Protection around postman files so that AppTrana can understand which APIs a customer needs scanning and details including parameters, values, common, dynamic values used in more than one API (postman variables), the sequence that the APIs should be called in and the dependencies between APIs.

Because postman files are a common way of testing APIs in the development cycle, they usually contain all the required information.

AppTrana adds to this by looking at the postman files before it begins the scan and adding any further insights that will help its scanner generate more valuable results.

At the end of a scan, the team then manually verifies the results to ensure there are no false positives and publishes the data for the customer.

Learn more about API Protection and how it can save your business from hassle and hacks here.
 

Related stories
Top stories
Story image
Tech job moves
Tech job moves - Bitdefender, Cohesity, Fortinet & MODIFI
We round up all job appointments from June 27-30, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
Digital wallets
NFTs are ready to disrupt the ticketing world
The last few months have seen NFTs wielded by digital creators to take ownership over their craft and content. Now other industries are beginning to understand the real-world value that these nifty decentralised tokens can provide.
Story image
Artificial Intelligence
Juniper study reveals top AI trends in APAC region
Juniper's research shows an increase in enterprise artificial intelligence adoption over the last 12 months is yielding tangible benefits to organisations.
Story image
Infrastructure
New VMware offerings improve cloud infrastructure management
VMware has unveiled VMware vSphere+ and VMware vSAN+ to help organisations bring benefits of the cloud to existing on-prem infrastructure.
Story image
Sustainability
Honeywell launches new carbon energy management software for buildings
The new Carbon & Energy Management service allows building owners to track and optimise energy performance against carbon reduction goals, down to a device or asset level.
Story image
MSP
Video: 10 Minute IT Jams - An update from CyberArk
Olly Stimpson joins us today to discuss the importance of MSP programmes and how MSP partners are experiencing success with CyberArk.
Story image
Microsoft
TO THE NEW unveils A/NZ Managed Services for Microsoft Azure
TO THE NEW has released Managed Services for Microsoft Azure to meet the growing demand in the A/NZ market and globally.
Story image
MarTech
Martech experts reveal the “buzz” on personalisation
In the digital age, innovative technology must be leveraged to power an efficient and effective relationship marketing strategy.
The Access Group
Health and social care organisations are currently under significant financial pressure. Find out how financial transformation can help provide an effective route forward.
Link image
Story image
Gartner
Gartner's top recommendations for security leaders
"Leaders now recognise that major disruption is only one crisis away. We can’t control it, but we can evolve our thinking, philosophy, program and architecture.”
Story image
Robotic Process Automation / RPA
Salesforce announces latest generation of MuleSoft
Salesforce has introduced the next generation of MuleSoft, a unified solution for automation, integration and APIs to automate any workflow.
Story image
Fintech
Corpay announces new collaboration with Triterras
Corpay and fintech firm Triterras have announced a new collaboration between Corpay’s Cross-Border business and Triterras Inc.    
Story image
Cybersecurity
Vulnerable APIs costing businesses billions every year
Large companies are particularly vulnerable to the security risks associated with exposed or unprotected APIs as they accelerate digital transformation.  
Story image
API
Industry-first comprehensive risk-based API security enhances protection
Application Programming Interfaces (APIs) have become a crucial part of operating web and mobile application businesses and are causing significant economic growth in the digital sector.
Story image
Hybrid workforce
How organisations can prepare for a post-pandemic workforce
The so-called 'new normal' office looks different to how it did pre-pandemic, and organisations need to take steps to better manage their post-pandemic workforce. 
Project management
Discover the 4 crucial factors for choosing the right job-costing solution. Is your team struggling to cost jobs and keep projects running on budget?
Link image
Story image
Wiise
Four things wholesale distributors need to consider for FY2023
In a post-pandemic world, there are many things for a distribution business to juggle. ERP solutions company Wiise narrows down what companies should focus on.
Productivity
Discover the 5 ways your ERP may be letting you down. Is your current system outdated, difficult to manage, and costing you a fortune?
Link image
Story image
Data ownership
Brands must reclaim trust by empowering data ownership
According to Twilio's new State of Personalisation Report 2022, 62% of consumers expect personalisation from brands, and yet only 40% trust brands to use their data responsibly and keep it safe.
Story image
NaaS
Survey finds 94% of Australian IT leaders looking at NaaS
Aruba’s latest survey reveals a rising interest in NaaS among Australian technology leaders as they re-evaluate their current infrastructure and network setup.
Story image
Airwallex
How Airwallex helps businesses achieve globalisation success
As markets continue to shift, businesses need to be able to provide the same quality of service for customers regardless of where they are located around the world.
Story image
Digital Transformation
Google Cloud launches new Digital Accelerator bundles for Aussie SMBs
The new bundles are designed to help Australian small and medium-sized businesses embrace digital transformation and take their businesses online.
Story image
Cloudera
Overcoming hybrid and multi-cloud challenges to drive innovation
Driven by improvements in technology, financial services companies have advanced both internal and external systems and processes, with the likes of digitisation, personalisation and risk management redefining the industry.
Story image
Hybrid workforce
Why hybrid working is here to stay and how to ace it
Citrix's new report reveals hybrid workers are more productive and engaged at work than their office and completely remote counterparts.
The Access Group
Increasing headcount isn't always the best way to grow. A good financial strategy can help solve many issues, and The Access Group shares the secret to success.
Link image
Story image
Attack
Phishing attacks are making a comeback
No matter what approach or tool cybercriminals use to breach a network, they all have one thing in common: access.
Story image
Market growth
Salesforce unveils new offerings for consumer goods companies
Salesforce has announced new products for consumer goods companies to help brands navigate increasing market complexity more easily.
Story image
Accounting
Four factors to consider when choosing the right job accounting solution
Progressive job-based businesses can achieve success by strengthening their ability to quantify every cost attributable to the delivery of an outcome for a customer.
Story image
Cryptocurrency
NOWPayments launches new service to analyse cryptocurrency fees
NOWPayments has launched a new network fee optimisation solution that analyses current network fees and picks the most profitable option out of the client's payout wallets.
Story image
Payroll
How New South Wales state departments achieved cloud migration success
State departments in New South Wales are heading to the cloud to achieve better workflow solutions, and one company is paving the way for their success.
The Access Group
Struggling to understand which transformative technologies will help your business? The Access Group provides a look into key opportunities and impacts for finance.
Link image
Story image
Data Protection
Five signs your business is ready to move to the cloud
Many organisations are thinking about moving to the cloud. But what are the signs you are ready, and what are the reasons to move?
Story image
DNS
DigiCert acquires DNS Made Easy and affiliated brands
Greg Clark comments, says, "This combination enhances the security of certificate validation and enables the automation of future validations."
Story image
Tech job moves
Tech job moves - ActiveCampaign, Arcserve, LogRhythm & Qlik
We round up all job appointments from June 17-22, 2022, in one place to keep you updated with the latest from across the tech industries.
Supply chain
Discover the 4 critical priorities for wholesale distribution businesses in FY23. Are you worried about how supply chain issues may affect your business in 2023?
Link image
Story image
Artificial Intelligence
Accenture shares the benefits of supply chain visibility
It's clear that gaining better visibility into the supply chain will help organisations avoid excess costs, inefficiencies, and complexity to ultimately improve their bottom line.
Story image
Shouta
The rise of digital gifting in the workplace
The name itself does most of the explaining; it’s a gift you receive virtually. But a misconception about digital gifts is that they need to be redeemed virtually as well. 
Story image
Enterprise Resource Planning / ERP
Five ways your ERP is letting you down and why its time for a change
Wiise explains while moving to a new system may seem daunting, the truth is that legacy systems could be holding your business back.
Digital Transformation
Discover the 5 signs your business is ready for a cloud-based ERP. Is your business being left behind as more of your competitors switch to the cloud?
Link image
Story image
Accounting
One in five Aussies never reimbursed for work expenses
A new survey has exposed Australian employee job dissatisfaction, with many being left out of pocket for work expenses. 
Story image
Talend
Forrester names Talend Leader in enterprise data fabric
Forrester has named Talend a leader among enterprise data fabric providers in the Forrester Wave: Enterprise Data Fabric, Q2 2022 report.
Story image
Citrix
The best ways to attract young talent during labour shortages
New research from Citrix reveals hybrid working and ventures into the metaverse are top of mind for Gen Z workers.
Story image
Samsung
Monitors are an excellent incentive for getting employees back
The pandemic has taught us that hybrid working is a lot easier than we would’ve thought, so how can the office be made to feel as comfortable as home? The answer could be staring you in the face right now.
Story image
Civil Defence
OutSystems platform chosen as part of ADF contract
"To be included in this project is a reflection of our ability to deliver secure, modern digital outcomes for defence at an incredible pace."