Enterprise Security, Software Security, API Security
Businesswire | June 26, 2023
Wallarm, the end-to-end API security company, today announced the early release of its API Abuse Prevention feature to address one of the most critical API threats: bot-based attacks. Wallarm can now accurately identify and mitigate API bot activity, protecting systems against API abuse, account takeover (ATO), and price scraping. This new feature prevents potential revenue loss, protects customer information, and defends against reputational damage, while ensuring the best possible experience for legitimate API users.
"As the fintech, healthtech, and e-commerce industries continue to evolve, API security has become more crucial than ever, with bots posing an increasing threat. Traditional security measures, such as WAFs and WAAP tools, have demonstrated their inadequacy in mitigating these risks," explained Ivan Novikov, CEO of Wallarm. "Our API Abuse Prevention feature offers an innovative solution to this problem, accurately detecting and neutralizing various bot types without the complex deployment. This empowers our clients with a highly effective defense against bot-driven attacks on their APIs."
Bots are a significant threat to the security of APIs and a massive concern for organizations of all sizes. In recent years, there have been several high-profile incidents of API abuse, including the theft of customer data, Denial-of-Service (DoS) attacks, and unauthorized access to sensitive information. These incidents have highlighted the need for effective solutions to prevent API abuse.
Wallarm’s API Abuse Prevention provides organizations with a highly effective solution to protect APIs from bot-based attacks by using specialized detectors to identify and stop a wide range of bot types, including stuffing bots, spiders, scanners, security crawlers, and scalper bots. These detectors can detect bot activity based on several factors, such as request patterns, timing anomalies, and API endpoint behaviors. It is designed to provide organizations with customizable protection against malicious automated behavior that blocks the bad while allowing the good—and at scale.
While traditional bot protection products are mostly focused on the web application, Wallarm’s API Abuse Prevention is specifically developed to mitigate automated actions against APIs where competing solutions fall short. It is delivered on the existing Wallarm Advanced API Security platform, enabling customers to reduce tool sprawl, analyst workload and fatigue, and operational costs. Additionally, Wallarm API Abuse Prevention includes detailed reporting and analysis, allowing organizations to better understand the nature and full scope of bot activity on their APIs, which can be used to improve overall API security and prevent future attacks.
Wallarm’s API Abuse Prevention is available now as a part of Wallarm's Advanced API Security offering. To learn more, visit https://www.wallarm.com.
Wallarm End-to-End API Security offerings provide robust protection for APIs, web applications, microservices, and serverless workloads running in cloud-native environments. Hundreds of Security and DevOps teams choose Wallarm to: discover all their web apps & API endpoints, traffic flows and sensitive data usage for complete visibility; protect their entire API portfolio against emerging threats; and respond automatically to incidents for better risk management. Our platform supports modern tech stacks, offering dozens of deployment options in cloud and Kubernetes-based environments, and also provides a full cloud solution. Wallarm is headquartered in San Francisco, California, and is backed by Toba Capital, Y Сombinator, Partech, and other investors.
Security Audit and Compliance
Lumen Technologies | September 13, 2023
Lumen Technologies announces the launch of key security enhancements to its industry-leading secure access service edge product.
The company’s SASE Solutions represents a first-of-its-kind, fully digital experience for purchasing, configuring, and overseeing enterprise SASE.
The latest features incorporated into Lumen SASE Solutions are security service edge and cloud-hosted gateways.
On September 12, 2023, Lumen Technologies, a leading provider of Secure Access Service Edge (SASE) solutions, committed to advancing human progress through technology facilitating the connection of people, data, and applications, announced the addition of key enhancements to its landmark SASE product. The addition of new features makes lumen SASE solutions even more simplified and flexible for customers.
Lumen SASE Solutions represents a pioneering, entirely digital experience for purchasing, configuring, and managing enterprise SASE. This is a significant step in Lumen's ongoing efforts to drive innovation and foster growth. Notably, the SASE product improvements launch are a direct outcome of valuable customer feedback.
The Lumen SASE approach focuses on simplification in order to deliver flexible, secure, and scalable SASE solutions to organizations of all sizes and industries.
Senior Director of SASE Product Management at Lumen, Darren Wolner, said,
There has been a rapid adoption of cloud-based services as more organizations implement hybrid work, but security is paramount to any cloud-based experience. This means savvy organizations soon realized a whole new set of requirements and challenges. We quickly enhanced the product to fit their requirements.
[Source – Cision PR Newswire]
Darren mentioned that Lumen has a strong focus on meeting customer wants and needs. He cited the latest SASE updates as a prime illustration of this commitment.
The new capabilities added to Lumen SASE Solutions include:
Security Service Edge (SSE)
SSE encompasses a suite of integrated, cloud-centric security capabilities, which feature cloud-hosted gateways. These capabilities are designed to ensure secure access to websites, facilitate the safe sharing of sensitive data, and manage user permissions for software-as-a-service (SaaS) applications. These solutions are delivered in partnership with prominent SD-WAN and security providers.
Cloud-hosted gateways offer organizations the flexibility to adopt 'grow as they go' network and security management features as they scale without the necessity of on-premises equipment.
In addition to the global expansion of Lumen technologies, customers based in the US can now deploy premise-based SASE services to locations in EMEA and Canada.
Pete Finalle, Research Manager with IDC, stated,
The new, hybrid perimeter – encompassing the main office down to the remote workforce – has collided with multi-cloud resources. This has created numerous networking and security complexities that are difficult to solve without a customer outcomes-based approach, which few companies can provide.
[Source – Cision PR Newswire]
Finalle pointed out that Lumen has a distinctive position to deliver real business outcomes through a comprehensive, cloud-based network security stack. This stack significantly benefits from Lumen's presence in both network and cloud infrastructure. Additionally, he mentioned that the company's digital customer experience and managed approach to resolving the intricate security and networking challenges allow them to mitigate the deployment and management difficulties that frequently hinder the adoption of SASE.
Fortinet | September 05, 2023
Fortinet, the worldwide cybersecurity leader driving the integration of networking and security, has announced new enhancements to its market-leading single-vendor Secure Access Service Edge (SASE) offering. FortiSASE already shields the hybrid workforce using a unified agent and includes SD-WAN integration for the branch. This solidifies FortiSASE's position as the market's most comprehensive offering.
The list of Fortinet extended SASE solutions:
SASE for Microbranches and IoT/OT Devices:
FortiSASE now offers expanded integrations within the Fortinet wireless local-area network (WLAN) suite to aid organizations in securing microbranches and associated devices. FortiAP wireless access points intelligently offload traffic from microbranches to a SASE point of presence (POP) for scalable security inspection of all devices, including IoT and OT devices. This integration also implies that the Fortinet WLAN portfolio can be managed by the same straightforward, cloud-based management console customers already use for FortiSASE.
Enhanced Data Loss Prevention Service:
As a component of its cloud-delivered security services, FortiSASE includes the FortiGuard-powered Data Loss Prevention (DLP) service to safeguard sensitive data across the entire hybrid environment. This service now consists of a broader range of file types, data identifiers, and Software-as-a-Service (SaaS) applications, along with sophisticated data matching techniques to prevent accidental data breaches. By constant DLP enhancement, Fortinet provides organizations with a detailed understanding of their cloud applications and the tools needed to defend against new threats effectively.
End-to-end Digital Experience Monitoring:
For comprehensive network and SaaS application monitoring, Fortinet's Digital Experience Monitoring (DEM) solution integrates with FortiSASE to offer insights across users, Fortinet global SASE POPs, and the performance of SaaS applications such as WebEx, Office365, and Dropbox. In addition, this integration enable endpoint monitoring to provide end-to-end visibility, empowering IT teams with the data they need to decrease resolution times and ensure a positive user experience.
Leveraging FortiGuard AI-Powered Security Services, Fortinet's SASE provides an extensive set of features, including unified security, streamlined management, and end-to-end Data Edge Management (DEM). This is accomplished by seamlessly integrating cloud-based security components, such as a cloud access security broker, secure web gateway, and Firewall-as-a-Service, in conjunction with networking functionalities through Software-Defined Wide Area Networking (SD-WAN).
In addition, the solution incorporates Universal Zero Trust Network Access (ZTNA) capabilities to ensure resilient and secure connectivity to and from the internet, privately hosted applications, and Software as a Service (SaaS) applications.