Home > News > Top Stories > Cequence Strengthens API Protection Platform with Game-Changing Generative AI and No-Code Security Automation

Platform Security, Software Security, API Security

Cequence Strengthens API Protection Platform with Game-Changing Generative AI and No-Code Security Automation

Cequence Strengthens API Protection Platform with Game-Changing

Cequence Security, the leader in API Protection, today announced new updates to the Unified API Protection (UAP) platform that strengthen customers’ ability to discover, manage risk and protect APIs. With the latest capabilities, organizations can rapidly deploy API Security Testing with built-in generative AI automation, protect users from online fraud and operationalize security findings with low-code/no-code workflows.

“We are always exploring ways to further automate and improve our UAP solution and help our customers consolidate the tools required to stay ahead of the threat actors,” said Ameya Talwalkar, founder and CEO. “The updates to our platform continue to set us apart from other point solution vendors in the API security space as we are providing our customers with the only integrated best-of-suite approach to discover, comply, test and protect their APIs.”

“Today, we are also excited to share we are the first API security vendor to take advantage of the game-changing Generative AI and no-code security automation within our UAP solution to better protect users from online fraud and simplify security findings,” continued Talwalkar.

Enhance API Security Testing with Generative AI

With the enormous potential of generative AI tools like ChatGPT and Google Bard, Cequence is one of the first cybersecurity companies and the first API Protection company to leverage its power to protect data and users from bad actors. Cequence has added several new capabilities to API Security Testing, including Test Plan generation using a new feature called Intelligent Mode that helps automate the generation of API Security Test Plans using plain English, extending the low-code/no-code approach to test case generation. Cequence UAP's Intelligent Mode automatically associates the appropriate APIs with the right test cases, given the functionality of that API. This not only drastically reduces the time needed to create a test plan to minutes, as compared to months with other solutions, it also ensures consistent experience across a customer's entire applications and environments.

Several other enhancements include detailed insights and remediation workflows into test failures. The test catalog now has test cases for the latest OWASP API Top 10 2023. Cequence also empowers InfoSec teams to run API tests outside of CI/CD pipelines, and instead, point attack test suites directly against staging or even production servers.

New Fraud Prevention Capabilities

To enable organizations to protect their APIs from online fraud, Cequence has introduced the Fraud Prevention module in API Spartan. The new module enables organizations to protect their end-customers from online fraud and instantly take action, including blocking transactions and generating enterprise-grade notifications to relevant teams.

Protecting applications and users against online fraud complements the existing capabilities of Cequence to detect and block business logic abuse, account takeover (ATO) attempts, common OWASP API Top 10 security risks and automated malicious traffic.

Operationalize API Protection with Low-Code/No-Code Security Automation

Cequence has introduced out-of-the-box integrations with over 300 third-party apps, including ServiceNow, PagerDuty, JIRA and Slack. Using off-the-shelf connections to these apps, security analysts can ensure security risks or threats are routed promptly to their business teams for remediation.

Security analysts can use a low-code/no-code approach within Cequence to implement the equivalent of an API Security Orchestration and Response (SOAR) workflow, wiring together multiple third-party connections to achieve their desired outcomes. Using this approach, analysts can operationalize workflows that promptly remediate critical API security risks, such as the discovery of shadow APIs that have access to sensitive data and new security risks of weak authentication or non-conformance to OpenAPI specifications in newly built pre-production CI/CD pipelines.

Enhanced Visibility of External Facing APIs with API Spyder

New enhancements to API Spyder enable customers to easily identify APIs that are externally accessible, but not entirely protected by Cloud Security Posture Management (CSPM) infrastructure. Additionally, this approach offers a seamless complement to API Sentinel's deep insights into runtime API inventory and compliance checking using the OWASP API Security Top 10 and other custom risk categories.

With the latest Unified API Protection platform updates, organizations can now protect their users from online fraud, operationalize security findings with low-code/no-code API SOAR-like workflows and rapidly deploy API Security Testing with built-in Generative AI automation. These capabilities continue to set Cequence apart from other point API security, bot management, anti-fraud and WAF vendors by having the industry’s first and only Unified API Protection platform that covers the entire API lifecycle. With UAP, customers can discover with API Spyder, comply with API Sentinel and protect with API Spartan.

About Cequence Security

Cequence Security, the pioneer of Unified API Protection, is the only solution that unifies API discovery, inventory, compliance, dynamic testing with real-time detection and native mitigation to defend against fraud, business logic attacks, exploits and unintended data leakage. Cequence Security secures more than 6 billion API transactions a day and protects more than 2 billion user accounts across our Fortune 500 customers. Learn more at www.cequence.ai.

Spotlight

11 Ways to Streamline SEC Cybersecurity Compliance

Cyber attacks are increasing in volume, sophistication, and severity, and the federal government has taken notice. Now, they’re taking action — most recently in the form of new cybersecurity rules from the Securities and Exchange Commission. In “11 Ways to Streamline SEC Cybersecurity Compliance with Risk Cloud,” we explore a va

More featured news

Spotlight

11 Ways to Streamline SEC Cybersecurity Compliance

Cyber attacks are increasing in volume, sophistication, and severity, and the federal government has taken notice. Now, they’re taking action — most recently in the form of new cybersecurity rules from the Securities and Exchange Commission. In “11 Ways to Streamline SEC Cybersecurity Compliance with Risk Cloud,” we explore a va

Related News

Network Threat Detection

Fortinet Focuses on Business Growth to Drive Cybersecurity Innovation

Fortinet | November 06, 2023

Fortinet prioritizes secure networking, universal SASE, and security operations to expand globally and innovate in cybersecurity. Secure networking is estimated to reach $86 billion by 2027 and universal SASE $36 billion, aligning with the strategic change. Focusing on cybersecurity growth strengthens Fortinet's commitment to customer value and innovation. Fortinet, a global leader in cybersecurity, is focusing its business strategy on high-growth markets, emphasizing secure networking, universal secure access service edge (SASE), and security operations. This shift will drive innovation and reinforce its commitment to customers. Fortinet is reorganizing its research & development (R&D) and go-to-market (GTM) strategies around the three markets mentioned. They will develop integrated and advanced products to cater to these areas. Fortinet operates globally, serving hyperscale customers and promoting cybersecurity technologies. The three core markets Fortinet is concentrating on are secure networking, universal SASE, and security operations. These markets are expected to experience substantial growth, and Fortinet has a competitive advantage in them. This strategy aims to expand Fortinet's global business and provide value to its customers. The company is aligning with areas of high demand in the cybersecurity sector. Its current collection of organically developed and integrated products and services enjoys a notable competitive edge in the aforementioned three crucial markets: The market for secure networking is anticipated to reach $86 billion by 2027, expanding at a rate of nearly nine percent per year. 5G gateways, network firewalls, secure switches, and access points comprise the majority of its composition. With the expansion of its firewall business, Fortinet anticipates a corresponding increase in revenue for its FortiGuard Security Services, which are propelled by artificial intelligence (AI). Secure networking remains an integral component of Fortinet's strategy, given that it dominates both firewall revenues and units shipped in its greatest addressable market. Also, by 2027, the universal SASE market is anticipated to reach $36 billion, representing an annual expansion of nearly 20%. The system integrates various cloud-native networking and security technologies, including SD-WAN, secure web gateway (SWG), cloud access security broker (CASB), data loss prevention (DLP), zero-trust network access (ZTNA), SASE, and others. Its purpose is to streamline the process of implementing a zero-trust strategy. All functions of the SASE solution developed by Fortinet can be executed either in an appliance or in the cloud. This capability is facilitated by a unified management console, networking and security layer, and operating system. Recently, Fortinet was positioned in the inaugural Gartner Magic Quadrant for Single-Vendor SASE in 2023. Lastly, the security operations market is anticipated to reach $78 billion by 2027, expanding at slightly more than 14% per year. Fortinet's SecOps platform is the most comprehensive, integrated, and broad in the industry, enabling organizations to gain control and insight into their distributed operations through security orchestration, endpoint detection and response (EDR), automation and response (SOAR), security information and event management (SIEM), network detection and response (NDR), and additional integrated enterprise-grade cybersecurity technologies. Complementing Fortinet's R&D expenditures are strategic realignments in its GTM investments, concentrating on security operations, universal SASE, and secure networking. With the assistance of marketing support and training, sales will be structured in accordance with these three strategic areas in order to increase market penetration and consumer engagement.

Read More

Cloud Security

Fortinet New SASE Offerings Improve Cloud Protection for Microbranches

Fortinet | September 05, 2023

Fortinet, the worldwide cybersecurity leader driving the integration of networking and security, has announced new enhancements to its market-leading single-vendor Secure Access Service Edge (SASE) offering. FortiSASE already shields the hybrid workforce using a unified agent and includes SD-WAN integration for the branch. This solidifies FortiSASE's position as the market's most comprehensive offering. The list of Fortinet extended SASE solutions: SASE for Microbranches and IoT/OT Devices: FortiSASE now offers expanded integrations within the Fortinet wireless local-area network (WLAN) suite to aid organizations in securing microbranches and associated devices. FortiAP wireless access points intelligently offload traffic from microbranches to a SASE point of presence (POP) for scalable security inspection of all devices, including IoT and OT devices. This integration also implies that the Fortinet WLAN portfolio can be managed by the same straightforward, cloud-based management console customers already use for FortiSASE. Enhanced Data Loss Prevention Service: As a component of its cloud-delivered security services, FortiSASE includes the FortiGuard-powered Data Loss Prevention (DLP) service to safeguard sensitive data across the entire hybrid environment. This service now consists of a broader range of file types, data identifiers, and Software-as-a-Service (SaaS) applications, along with sophisticated data matching techniques to prevent accidental data breaches. By constant DLP enhancement, Fortinet provides organizations with a detailed understanding of their cloud applications and the tools needed to defend against new threats effectively. End-to-end Digital Experience Monitoring: For comprehensive network and SaaS application monitoring, Fortinet's Digital Experience Monitoring (DEM) solution integrates with FortiSASE to offer insights across users, Fortinet global SASE POPs, and the performance of SaaS applications such as WebEx, Office365, and Dropbox. In addition, this integration enable endpoint monitoring to provide end-to-end visibility, empowering IT teams with the data they need to decrease resolution times and ensure a positive user experience. Leveraging FortiGuard AI-Powered Security Services, Fortinet's SASE provides an extensive set of features, including unified security, streamlined management, and end-to-end Data Edge Management (DEM). This is accomplished by seamlessly integrating cloud-based security components, such as a cloud access security broker, secure web gateway, and Firewall-as-a-Service, in conjunction with networking functionalities through Software-Defined Wide Area Networking (SD-WAN). In addition, the solution incorporates Universal Zero Trust Network Access (ZTNA) capabilities to ensure resilient and secure connectivity to and from the internet, privately hosted applications, and Software as a Service (SaaS) applications.

Read More

Cloud Security

Cisco Secure Application to Provide Business Risk Observability

Cisco | September 15, 2023

Cisco Secure Application, new to the Cisco Full-Stack Observability Platform, brings application and security teams together to secure cloud-native application development and deployment. The platform integrates Cisco's industry-leading security products' security intelligence with application performance data to provide business context with security findings. Cisco-exclusive business risk observability enables IT professionals to identify, assess, and prioritize risk and fix application security concerns based on potential business impact. Cisco, a worldwide technology leader that offers innovative software-defined networking, cloud, and security solutions, has unveiled the availability of the Cisco Secure Application, formerly known as Security Insights for Cloud Native Application Observability, on the Cisco Full-Stack Observability platform. This integration empowers organizations to seamlessly unite their application and security teams, facilitating the secure development and deployment of modern applications. The latest release of Cisco Secure Application extends its capabilities to securely manage both cloud-native and hybrid applications. In an effort to assist organizations in bolstering their cloud-native applications security, Cisco has introduced the new Cisco Secure Application offering, which is available on Cisco's recently introduced Full-Stack Observability platform. This solution equips customers with enhanced visibility and intelligent insights regarding business risk in various cloud environments. As a result, businesses gain the ability to more effectively prioritize and respond to security risks that could impact revenue and reputation in real time, leading to a reduction in overall organizational risk profiles. As organizations strive to provide smooth digital experiences, IT teams have faced growing demands to transition to modern, distributed applications. According to a recent study by Cisco, 92% of global technologists acknowledge that the urgency to innovate and adapt to evolving customer needs has often resulted in compromised application security during software development. As a consequence, organizations have become susceptible to security vulnerabilities and threats. They face broader attack surfaces and gaps in their application security layer due to the isolation of teams. These teams face challenges in obtaining adequate visibility and the necessary business context for prioritizing vulnerabilities. Consequently, organizations are witnessing a surge in security incidents within the modern environment, thereby jeopardizing customer data and the reputation of their businesses. Mark Leary, Research Director, IDC, stated, Cisco's extensive domain experience across multi-cloud and hybrid environments and comprehensive full tech stack oversight positions the company well to assist customers bring business risk observability, application observability, and security intelligence data together. Combined, they give customers access to the critical information they need to make smarter decisions about their application security [Source – Cision PR Newswire] Senior VP and General Manager of Cisco Full-Stack Observability and AppDynamics, Ronak Desai, said, An organization's ability to swiftly assess risks based on potential business impact, align teams and triage threats is entirely dependent on understanding where vulnerabilities exist, the severity of those risks, the likelihood they’ll be exploited, and the risk to the business of each issue. This business risk observability can enable IT professionals understand and prioritize those risks and is uniquely delivered by Cisco. The availability of Cisco Secure Application on the Cisco Full-Stack Observability platform is a crucial next step in our commitment to providing customers with the tools they need to provide unmatched and secure digital experiences across multi-cloud and hybrid environments. [Source – Cision PR Newswire]

Read More

Network Threat Detection

Fortinet Focuses on Business Growth to Drive Cybersecurity Innovation

Fortinet | November 06, 2023

Fortinet prioritizes secure networking, universal SASE, and security operations to expand globally and innovate in cybersecurity. Secure networking is estimated to reach $86 billion by 2027 and universal SASE $36 billion, aligning with the strategic change. Focusing on cybersecurity growth strengthens Fortinet's commitment to customer value and innovation. Fortinet, a global leader in cybersecurity, is focusing its business strategy on high-growth markets, emphasizing secure networking, universal secure access service edge (SASE), and security operations. This shift will drive innovation and reinforce its commitment to customers. Fortinet is reorganizing its research & development (R&D) and go-to-market (GTM) strategies around the three markets mentioned. They will develop integrated and advanced products to cater to these areas. Fortinet operates globally, serving hyperscale customers and promoting cybersecurity technologies. The three core markets Fortinet is concentrating on are secure networking, universal SASE, and security operations. These markets are expected to experience substantial growth, and Fortinet has a competitive advantage in them. This strategy aims to expand Fortinet's global business and provide value to its customers. The company is aligning with areas of high demand in the cybersecurity sector. Its current collection of organically developed and integrated products and services enjoys a notable competitive edge in the aforementioned three crucial markets: The market for secure networking is anticipated to reach $86 billion by 2027, expanding at a rate of nearly nine percent per year. 5G gateways, network firewalls, secure switches, and access points comprise the majority of its composition. With the expansion of its firewall business, Fortinet anticipates a corresponding increase in revenue for its FortiGuard Security Services, which are propelled by artificial intelligence (AI). Secure networking remains an integral component of Fortinet's strategy, given that it dominates both firewall revenues and units shipped in its greatest addressable market. Also, by 2027, the universal SASE market is anticipated to reach $36 billion, representing an annual expansion of nearly 20%. The system integrates various cloud-native networking and security technologies, including SD-WAN, secure web gateway (SWG), cloud access security broker (CASB), data loss prevention (DLP), zero-trust network access (ZTNA), SASE, and others. Its purpose is to streamline the process of implementing a zero-trust strategy. All functions of the SASE solution developed by Fortinet can be executed either in an appliance or in the cloud. This capability is facilitated by a unified management console, networking and security layer, and operating system. Recently, Fortinet was positioned in the inaugural Gartner Magic Quadrant for Single-Vendor SASE in 2023. Lastly, the security operations market is anticipated to reach $78 billion by 2027, expanding at slightly more than 14% per year. Fortinet's SecOps platform is the most comprehensive, integrated, and broad in the industry, enabling organizations to gain control and insight into their distributed operations through security orchestration, endpoint detection and response (EDR), automation and response (SOAR), security information and event management (SIEM), network detection and response (NDR), and additional integrated enterprise-grade cybersecurity technologies. Complementing Fortinet's R&D expenditures are strategic realignments in its GTM investments, concentrating on security operations, universal SASE, and secure networking. With the assistance of marketing support and training, sales will be structured in accordance with these three strategic areas in order to increase market penetration and consumer engagement.

Read More

Cloud Security

Fortinet New SASE Offerings Improve Cloud Protection for Microbranches

Fortinet | September 05, 2023

Fortinet, the worldwide cybersecurity leader driving the integration of networking and security, has announced new enhancements to its market-leading single-vendor Secure Access Service Edge (SASE) offering. FortiSASE already shields the hybrid workforce using a unified agent and includes SD-WAN integration for the branch. This solidifies FortiSASE's position as the market's most comprehensive offering. The list of Fortinet extended SASE solutions: SASE for Microbranches and IoT/OT Devices: FortiSASE now offers expanded integrations within the Fortinet wireless local-area network (WLAN) suite to aid organizations in securing microbranches and associated devices. FortiAP wireless access points intelligently offload traffic from microbranches to a SASE point of presence (POP) for scalable security inspection of all devices, including IoT and OT devices. This integration also implies that the Fortinet WLAN portfolio can be managed by the same straightforward, cloud-based management console customers already use for FortiSASE. Enhanced Data Loss Prevention Service: As a component of its cloud-delivered security services, FortiSASE includes the FortiGuard-powered Data Loss Prevention (DLP) service to safeguard sensitive data across the entire hybrid environment. This service now consists of a broader range of file types, data identifiers, and Software-as-a-Service (SaaS) applications, along with sophisticated data matching techniques to prevent accidental data breaches. By constant DLP enhancement, Fortinet provides organizations with a detailed understanding of their cloud applications and the tools needed to defend against new threats effectively. End-to-end Digital Experience Monitoring: For comprehensive network and SaaS application monitoring, Fortinet's Digital Experience Monitoring (DEM) solution integrates with FortiSASE to offer insights across users, Fortinet global SASE POPs, and the performance of SaaS applications such as WebEx, Office365, and Dropbox. In addition, this integration enable endpoint monitoring to provide end-to-end visibility, empowering IT teams with the data they need to decrease resolution times and ensure a positive user experience. Leveraging FortiGuard AI-Powered Security Services, Fortinet's SASE provides an extensive set of features, including unified security, streamlined management, and end-to-end Data Edge Management (DEM). This is accomplished by seamlessly integrating cloud-based security components, such as a cloud access security broker, secure web gateway, and Firewall-as-a-Service, in conjunction with networking functionalities through Software-Defined Wide Area Networking (SD-WAN). In addition, the solution incorporates Universal Zero Trust Network Access (ZTNA) capabilities to ensure resilient and secure connectivity to and from the internet, privately hosted applications, and Software as a Service (SaaS) applications.

Read More

Cloud Security

Cisco Secure Application to Provide Business Risk Observability

Cisco | September 15, 2023

Cisco Secure Application, new to the Cisco Full-Stack Observability Platform, brings application and security teams together to secure cloud-native application development and deployment. The platform integrates Cisco's industry-leading security products' security intelligence with application performance data to provide business context with security findings. Cisco-exclusive business risk observability enables IT professionals to identify, assess, and prioritize risk and fix application security concerns based on potential business impact. Cisco, a worldwide technology leader that offers innovative software-defined networking, cloud, and security solutions, has unveiled the availability of the Cisco Secure Application, formerly known as Security Insights for Cloud Native Application Observability, on the Cisco Full-Stack Observability platform. This integration empowers organizations to seamlessly unite their application and security teams, facilitating the secure development and deployment of modern applications. The latest release of Cisco Secure Application extends its capabilities to securely manage both cloud-native and hybrid applications. In an effort to assist organizations in bolstering their cloud-native applications security, Cisco has introduced the new Cisco Secure Application offering, which is available on Cisco's recently introduced Full-Stack Observability platform. This solution equips customers with enhanced visibility and intelligent insights regarding business risk in various cloud environments. As a result, businesses gain the ability to more effectively prioritize and respond to security risks that could impact revenue and reputation in real time, leading to a reduction in overall organizational risk profiles. As organizations strive to provide smooth digital experiences, IT teams have faced growing demands to transition to modern, distributed applications. According to a recent study by Cisco, 92% of global technologists acknowledge that the urgency to innovate and adapt to evolving customer needs has often resulted in compromised application security during software development. As a consequence, organizations have become susceptible to security vulnerabilities and threats. They face broader attack surfaces and gaps in their application security layer due to the isolation of teams. These teams face challenges in obtaining adequate visibility and the necessary business context for prioritizing vulnerabilities. Consequently, organizations are witnessing a surge in security incidents within the modern environment, thereby jeopardizing customer data and the reputation of their businesses. Mark Leary, Research Director, IDC, stated, Cisco's extensive domain experience across multi-cloud and hybrid environments and comprehensive full tech stack oversight positions the company well to assist customers bring business risk observability, application observability, and security intelligence data together. Combined, they give customers access to the critical information they need to make smarter decisions about their application security [Source – Cision PR Newswire] Senior VP and General Manager of Cisco Full-Stack Observability and AppDynamics, Ronak Desai, said, An organization's ability to swiftly assess risks based on potential business impact, align teams and triage threats is entirely dependent on understanding where vulnerabilities exist, the severity of those risks, the likelihood they’ll be exploited, and the risk to the business of each issue. This business risk observability can enable IT professionals understand and prioritize those risks and is uniquely delivered by Cisco. The availability of Cisco Secure Application on the Cisco Full-Stack Observability platform is a crucial next step in our commitment to providing customers with the tools they need to provide unmatched and secure digital experiences across multi-cloud and hybrid environments. [Source – Cision PR Newswire]

Read More

More featured news