According to Salt Labs, the research division of Salt Security (which sells API cybersecurity products, granted), API attacks from March 2021 to March 2022 increased nearly 681%. It also predicts that 90% of web-enabled apps will have more attack surfaces exposed in APIs than user interfaces and that API abuses will become the top attack vector for most companies in 2022.
Traceable uses AI to analyse data to learn normal app behaviour and detect activity that deviates from the norm. Via a combination of ‘distributed tracing’ and ‘context-based behavioural analytics,’ the startup’s software, which works on-premises or in the cloud, can catalogue APIs including ‘shadow’ (e.g. undocumented) and ‘orphaned’ (e.g. deprecated) APIs in real time.
The company describes distributed tracing as a technique involving the use of ‘agent modules’ that collect diagnostic data from within production apps as code executes. Context-based behavioural analytics, meanwhile, refers to understanding the behaviour of APIs, users, data, and code as it relates to an organisation’s overall risk posture.
Traceable provides a risk score based on ‘a calculation of likelihood and the possible impact of an attack,’ using 70 criteria (reportedly). The software also maps app topologies, data flows, and unique security events, including runtime details on APIs and data stores.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now
We welcome comments that add value to the discussion. We attempt to block comments that use offensive language or appear to be spam, and our editors frequently review the comments to ensure they are appropriate. If you see a comment that you believe is inappropriate to the discussion, you can bring it to our attention by using the report abuse links. As the comments are written and submitted by visitors of the The Paypers website, they in no way represent the opinion of The Paypers.