Google Cloud Annonce Une Sécurité Avancée Des API via Apigee

Completion, Google has announced the public preversion of Advanced API Security, a complete set of API security features based on Apigee, their API management platform. Thanks to this new feature, clients can detect security threats more effectively.

L’entreprise acquis Apigee in 2016, integrated in the creation of slab and base creation of the API in the startup cloud and the service available for customers of Google Cloud Platform. As a result, other capabilities and features have been added to the service, such as surveillance capabilities and security improvements with the integration of Cloud Armor and Management. This is Advanced API Security.

Vikas Anand, Product Manager chez Google Cloud, detailed Google Cloud blog article:

Advanced API Security peut permettre aux équipes API d’identifier plus facilement les proxys API qui ne sont pas conforme aux norms desécurité. Pour aider à identify les APIs mal configuries ou victims d’abus, Advanced API Security regularly evaluates the managed APIs and provides aux équipes d’API a recommended action lorsque des problèmes de configuration.

Source: https://cloud.google.com/blog/products/identity-security/announcing-apigee-advanced-api-security-for-google-cloud

Publicity

The advanced API security capacity in Apigee is specialized in bot detection et identification of API configuration errors. The detection of configuration problems, the evaluation of the service of the API gérées and the command of the actions, and the use of the configuration rules for the transfer of the identifier les robots malveillants and trafic des API. Each rule represents a specific type of unusual traffic from a single IP address? si un modèle de trafic API corresponds to a new regulation system, Advanced API Security le signale comme un bot.

Google apporte la sécurité avncée des API pour réponder à l’augmentation des attaques pilotées par les APIs. In a recent Cloudentity étudier, 44% of businesses on the problems rencontre d’important d’authoritisation d’API impliquant la confidentiality, la fuite de données et l’exposition à des properties’ expositions. Des entreprises comme LinkedIn (en anglais seulement), Peléton, Marriottet Parler ont été victims of attacks pilotées par API au cours des derniers mois. Gartner Prévisions que les API seront le point d’attaque le plus courant cette année.

Dans un LinkedIn blog article, influencer technology Evan Kristel writer:

APIs are difficult to protect. Traditional solutions cannot handle the complexities of the API ecosystem. Les attaquants le savent, c’est pourquoi ils se concentrent sur les APIs.

In retrospect, Google is also facing increased competition in the API security segment with new API-based cybersecurity products such as Salt Security, Noname Security and Neosec. At the same time, established providers such as Barracuda, Akamai and Cloudflare have expanded their offerings.

Enfin, the Advanced Security API is a free locket for the first version.

Leave a Comment