Home > News > Top Stories > Indusface Enhances its Web Application & API Protection (WAAP) platform AppTrana with Industry's First Risk-Based Protection to APIs

Web Security Tools

Indusface Enhances its Web Application & API Protection (WAAP) platform AppTrana with Industry's First Risk-Based Protection to APIs

Indusface
Indusface, a leading application security SaaS company that continually detects security risks, provides real-time protection, and improves the performance of Websites and Applications, today announced that it is adding Risk-Based API Protection to its WAAP platform, AppTrana.

APIs are the lifeline of the digital economy with many companies adopting the API-first approach. However, the growth of APIs is also opening up new risk vectors that they are not aware of. According to Gartner, more than 90% of applications have more attack surface exposed through API than UI and by 2022, API Abuse will move from an infrequent to the most-frequent attack vector, resulting in data breaches for enterprise web applications.

Indusface is revolutionizing the API security space by building on its API Protection capabilities. The company is doing so through the most comprehensive API protection to date by extending its risk-based approach to the same.

"AppTrana's risk-based approach is unique and something that resonates with our customers. What customers are really interested in is knowing how well their application is protected based on the risk posture of their application. Building on this, we are now enhancing our API Protection capabilities by providing a risk-based approach to API security which we believe would revolutionize the market. With this, customers will be able to identify vulnerabilities found in their public APIs and quickly correlate how these are protected through API-specific policies and positive security policies applied in AppTrana providing the most comprehensive protection for APIs."

Ashish Tandon, Founder and CEO, Indusface

As with any security, you can protect only what you know and protection is as strong as the weakest link. The major challenges with APIs are discoverability and the ability to understand the context of APIs so that security can be tailored accordingly. It is to address these challenges that Indusface is enhancing its API protection in AppTrana. Collectively through a multi-step approach, customers get to discover APIs, understand risk posture and ensure comprehensive protection of APIs.

With Indusface AppTrana's Risk-based API Protection, you get:

  • To understand the risk posture of the APIs through unlimited automated API scans including manual tests for identifying business logic vulnerabilities. This enables organization to understand the weakest links of the APIs and get clear visibility around how these links are protected.
  • Visibility into API traffic patterns and discovery of shadow APIs, so that you are no longer blindsided by what you don't know
  • To protect APIs with API-specific rules written specifically to protect against OWASP Top 10 API vulnerabilities
  • Behavioral-based protection against DDoS attacks on APIs by analyzing API traffic pattern
  • Behavioral-based protection against BOT attacks
  • Positive security for APIs through analysis of swagger (OpenAPI 2.0) files and creation of automated positive security policies 
  • Accurate, real-time view of vulnerabilities blocked by API specific rules, positive security policies, custom rules, and those that need fixes in the application

About Indusface
Indusface is a leading application security SaaS company that secures critical Web, Mobile, and API applications of 3000+ global customers using its award-winning fully managed platform that integrates web application scanner, web application firewall, DDoS & BOT Mitigation, CDN, and threat intelligence engine.

Indusface has been funded by Tata Capital Growth Fund II, is the only vendor to be named Gartner Peer Insights™ Customers' Choice' in all the 7 segments for Voice of Customer WAAP (Web Application and API Protection) Report 2022, is a "Great Place to Work" certified SaaS product company, is PCI, ISO27001, SOC 2, GDPR certified, and has been the recipient of many prestigious start-up awards such as the Economic Times Top 25, NASSCOM DSCI Top Security Company, Deloitte Asia Top 100, among others.

Spotlight

11 Ways to Streamline SEC Cybersecurity Compliance

Cyber attacks are increasing in volume, sophistication, and severity, and the federal government has taken notice. Now, they’re taking action — most recently in the form of new cybersecurity rules from the Securities and Exchange Commission. In “11 Ways to Streamline SEC Cybersecurity Compliance with Risk Cloud,” we explore a va

More featured news

Spotlight

11 Ways to Streamline SEC Cybersecurity Compliance

Cyber attacks are increasing in volume, sophistication, and severity, and the federal government has taken notice. Now, they’re taking action — most recently in the form of new cybersecurity rules from the Securities and Exchange Commission. In “11 Ways to Streamline SEC Cybersecurity Compliance with Risk Cloud,” we explore a va

Related News

Cloud Security

Google Cloud Next 2023 Embraces Generative AI for Safer Digital Future

Google | September 18, 2023

Google reveals its pioneering approach to applying generative AI in cybersecurity at the Google Cloud Next conference in San Francisco. Alphabet and Google CEO Sundar Pichai's keynote emphasizes Google's AI-first approach and the transformative impact of AI across industries. Google introduces innovative security updates and trends, highlighting its commitment to enhancing cybersecurity capabilities. Google Cloud extends Duet AI to three key products in preview mode, empowering security teams to address complex cybersecurity challenges more efficiently. Google unveiled its pioneering approach to applying generative AI in cybersecurity at the Google Cloud Next conference in San Francisco. This significant revelation follows the broader accessibility of generative AI, made possible earlier this year by technologies like ChatGPT. Google's strategic endeavor aims to harness the potential of AI to combat cybersecurity challenges. Additionally, the event featured a keynote address by Alphabet and Google CEO Sundar Pichai, who underscored the transformative influence of AI across sectors and emphasized Google's extensive history of adopting an AI-first approach. During the conference, Google seized the opportunity to introduce innovative security updates and trends, signifying its commitment to enhancing cybersecurity capabilities for its customers. These developments come at a time when the integration of AI technologies in addressing cybersecurity concerns has gained substantial attention and recognition. Alphabet and Google CEO Sundar Pichai, a prominent figure in the technology industry, initiated the conference, reiterating the profound influence of AI across various sectors, industries, and business functions. His emphasis on Google's decade-long dedication to an AI-first approach solidified the company's leadership position in this transformative era. Furthermore, Google unveiled significant developments in the conference, including expanding Vertex AI with over 100 foundation models and introducing enhancements like PaLM 2, supercomputing capabilities, and the fifth-gen Tensor Processing Units. However, their commitment to democratizing AI was highlighted, demonstrated through customer stories and live demos. Google Cloud's developer advocate, Priyanka Vergadia, showcased Duet AI, an intelligent chatbot assistant that streamlines developers' tasks, saving time and enhancing security. Duet AI automates deployments, configures applications correctly, aids in debugging, and strengthens security. Its preview release marks a step towards achieving shift-left and DevSecOps goals, empowering developers to secure their code effectively and allowing security teams to scale their efforts. The research conducted by ESG and ISSA highlights the challenges faced by cybersecurity professionals. A significant majority (63%) have found their roles increasingly complex over the past two years. A closer look reveals that the surge in complexity (81%), rising workloads, and growing cyberthreats (59%), as well as understaffing issues (46%), are the primary factors contributing to this challenge. In response to these evolving demands, Google Cloud has taken a proactive step by extending the application of Duet AI to three key products, now available in preview mode. These applications empower security teams with Mandiant Threat Intelligence for threat analysis, Google Chronicle for accelerated SecOps processes, and Google Security Command Center for risk mitigation. A live demonstration showcased how Duet AI streamlines security analysts' workflows, making threat detection and response more efficient and enhancing overall security posture management. Google Cloud announced Mandiant Hunt for Chronicle Security Ops in preview, boosting threat hunting with expert Mandiant insights. Agentless vulnerability scanning (powered by Tenable) in preview detects OS, software, and network vulnerabilities on Google Compute Engine VMs. Custom posture findings and threat detectors are now available in the Security Command Center. Cloud Firewall Plus, in preview, enhances firewall service with advanced threat protection (Palo Alto Networks). These updates, utilizing Duet AI in preview, demonstrate Google Cloud's dedication to cybersecurity innovation, with specific availability details to come. The conference also highlighted partner offerings in the ever-evolving cloud security landscape.

Read More

Network Threat Detection

Fortinet Expands Its Global SASE Points-of-Presence with Google Cloud

GlobeNewswire | October 18, 2023

Fortinet (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced the expansion of its SASE Points-of-Presence (POPs) to new locations through a partnership with Google Cloud. The partnership allows Fortinet to leverage Google Cloud’s global network edge locations closest to their regions of presence, which deliver dedicated interconnect and 99.99% service availability, to accelerate the expansion of Fortinet’s Universal SASE solution. Single-vendor SASE is a critical architecture organizations adopt to connect their hybrid workforces securely. A robust network of SASE POPs that are scalable and globally available is crucial to delivering a superior user experience while enabling a strong security posture. By leveraging Google Cloud, Fortinet Universal SASE is even better positioned to serve a more extensive global footprint, ensuring that customers can seamlessly connect and secure their hybrid workforces to critical applications, said Michael Xie, Founder, President, and Chief Technology Officer of Fortinet. This partnership will expand our global POP resources and accelerate customer adoption of Fortinet’s Universal SASE solution. And because our SD-WAN solution is natively integrated with our SASE offering, Fortinet’s global SD-WAN customers now have an even broader ability to easily adopt integrated cloud-delivered security to implement a comprehensive Universal SASE solution. “Organizations worldwide rely on the Google Cloud for critical networking and access,” said Muninder Sambi, Vice President and GM of Networking at Google Cloud. “Our expanded partnership with Fortinet can enable high uptime for customers looking to support their hybrid workforces with Fortinet’s SASE solution, along with the advantages of using Google Cloud’s Cross-Cloud Network, which include lower costs and improved application experiences.” Converging Networking and Security with Fortinet Universal SASE Fortinet’s Universal SASE solution uniquely converges networking and security to support today’s hybrid workforce, expanding network edges and new microbranches to enable secure access to applications while providing high ROI through consolidation and improved digital user experience. Fortinet’s solution includes an extended portfolio of critical technologies and services that enable organizations to adopt a zero-trust security posture by effectively applying and monitoring context-based policies regardless of the resource a user is accessing. Fortinet Universal SASE offers a high-performance and scalable cloud network with best-in-class AI-powered security, unified management, and end-to-end digital experience monitoring to ensure secure access to web, corporate, and SaaS applications. Fortinet is the pioneer and leader of secure SD-WAN, the foundation of its Universal SASE solution. Universal SASE uses the same FortiOS operating system and AI-powered security services as its secure SD-WAN and cloud-delivered security service edge (SSE) solutions. This unique integrated approach extends secure web gateway (SWG), zero-trust network access (ZTNA), cloud access security broker (CASB), and Firewall-as-a-Service (FWaaS) solutions to its Universal SASE solution, enabling seamless connectivity, consistent end-to-end threat protection, and optimal user experience.

Read More

Software Security

BT and Google Cloud Advance Cybersecurity With New Partnership

PR Newswire | October 16, 2023

BT and Google Cloud today announced a new partnership focusing on an enhanced commitment to cybersecurity innovation. Serving customers in more than 180 countries and with a team of 3,000 security professionals, BT works with the security industry's leading vendors to provide managed security solutions to private and public sector organisations around the world. As part of the partnership, BT will become a managed services delivery partner for Google's Autonomic Security Operations (ASO) offering based on Google Chronicle. ASO is a holistic framework that combines principles, practices, and tools that enable organisations to take an adaptive and automated approach to threat management. Underpinned by Chronicle's peta-byte scale detection, a data lake powered by Google Cloud's data and analytics platform BigQuery, and rich, compelling analytics via Looker, the solution decreases the time to detect and respond to threats—which is essential in the face of the increasing volume and complexity of cyber-attacks. Customers will benefit from the new partnership by gaining the technological capabilities of Google Chronicle, combined with BT's track record of delivering cybersecurity services to organisations with complex estates and requirements. Customers will be supported by experts from BT's Security Advisory Services team, who leverage BT's deep experience in security operations and integration to help organisations ensure that they have optimised their wider security architecture to fully align with their priorities and ambition. Combining Google Chronicle's capabilities with BT's view of global networks and experience of providing managed security services is a really exciting prospect. The ASO solution will help our customers to rapidly identify risks and automatically enhance their cyber defences—providing the speed that's essential to combating cyber-attacks. It represents the first step in our partnership with Google Cloud on cybersecurity, with both companies committed to providing new innovations and solutions that help organisations stay ahead of an increasingly threatening cyber threat landscape, said Tris Morgan, Managing Director, Security at BT. "Our partnership brings the best of BT's experience in deploying big data-based security platforms with Google Cloud's innovative security capabilities to help our multinational customers transform their approaches to cyber risk management in the face of a rapidly changing threat landscape," said Magali Bohn, Global Director, Partnerships & Channels at Google Cloud Security. The partnership builds on BT Group and Google's existing relationship to house BT Group's data in Google Cloud to support its analytics and AI ambitions. BT and Google Cloud will also seek to incorporate solutions from Mandiant, a market leader in threat intelligence solutions acquired by Google in 2022, as an additional aspect of the partnership. Finally, BT is working with Google Cloud to trial Google's Vertex AI and Duet AI capabilities.

Read More

Cloud Security

Google Cloud Next 2023 Embraces Generative AI for Safer Digital Future

Google | September 18, 2023

Google reveals its pioneering approach to applying generative AI in cybersecurity at the Google Cloud Next conference in San Francisco. Alphabet and Google CEO Sundar Pichai's keynote emphasizes Google's AI-first approach and the transformative impact of AI across industries. Google introduces innovative security updates and trends, highlighting its commitment to enhancing cybersecurity capabilities. Google Cloud extends Duet AI to three key products in preview mode, empowering security teams to address complex cybersecurity challenges more efficiently. Google unveiled its pioneering approach to applying generative AI in cybersecurity at the Google Cloud Next conference in San Francisco. This significant revelation follows the broader accessibility of generative AI, made possible earlier this year by technologies like ChatGPT. Google's strategic endeavor aims to harness the potential of AI to combat cybersecurity challenges. Additionally, the event featured a keynote address by Alphabet and Google CEO Sundar Pichai, who underscored the transformative influence of AI across sectors and emphasized Google's extensive history of adopting an AI-first approach. During the conference, Google seized the opportunity to introduce innovative security updates and trends, signifying its commitment to enhancing cybersecurity capabilities for its customers. These developments come at a time when the integration of AI technologies in addressing cybersecurity concerns has gained substantial attention and recognition. Alphabet and Google CEO Sundar Pichai, a prominent figure in the technology industry, initiated the conference, reiterating the profound influence of AI across various sectors, industries, and business functions. His emphasis on Google's decade-long dedication to an AI-first approach solidified the company's leadership position in this transformative era. Furthermore, Google unveiled significant developments in the conference, including expanding Vertex AI with over 100 foundation models and introducing enhancements like PaLM 2, supercomputing capabilities, and the fifth-gen Tensor Processing Units. However, their commitment to democratizing AI was highlighted, demonstrated through customer stories and live demos. Google Cloud's developer advocate, Priyanka Vergadia, showcased Duet AI, an intelligent chatbot assistant that streamlines developers' tasks, saving time and enhancing security. Duet AI automates deployments, configures applications correctly, aids in debugging, and strengthens security. Its preview release marks a step towards achieving shift-left and DevSecOps goals, empowering developers to secure their code effectively and allowing security teams to scale their efforts. The research conducted by ESG and ISSA highlights the challenges faced by cybersecurity professionals. A significant majority (63%) have found their roles increasingly complex over the past two years. A closer look reveals that the surge in complexity (81%), rising workloads, and growing cyberthreats (59%), as well as understaffing issues (46%), are the primary factors contributing to this challenge. In response to these evolving demands, Google Cloud has taken a proactive step by extending the application of Duet AI to three key products, now available in preview mode. These applications empower security teams with Mandiant Threat Intelligence for threat analysis, Google Chronicle for accelerated SecOps processes, and Google Security Command Center for risk mitigation. A live demonstration showcased how Duet AI streamlines security analysts' workflows, making threat detection and response more efficient and enhancing overall security posture management. Google Cloud announced Mandiant Hunt for Chronicle Security Ops in preview, boosting threat hunting with expert Mandiant insights. Agentless vulnerability scanning (powered by Tenable) in preview detects OS, software, and network vulnerabilities on Google Compute Engine VMs. Custom posture findings and threat detectors are now available in the Security Command Center. Cloud Firewall Plus, in preview, enhances firewall service with advanced threat protection (Palo Alto Networks). These updates, utilizing Duet AI in preview, demonstrate Google Cloud's dedication to cybersecurity innovation, with specific availability details to come. The conference also highlighted partner offerings in the ever-evolving cloud security landscape.

Read More

Network Threat Detection

Fortinet Expands Its Global SASE Points-of-Presence with Google Cloud

GlobeNewswire | October 18, 2023

Fortinet (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced the expansion of its SASE Points-of-Presence (POPs) to new locations through a partnership with Google Cloud. The partnership allows Fortinet to leverage Google Cloud’s global network edge locations closest to their regions of presence, which deliver dedicated interconnect and 99.99% service availability, to accelerate the expansion of Fortinet’s Universal SASE solution. Single-vendor SASE is a critical architecture organizations adopt to connect their hybrid workforces securely. A robust network of SASE POPs that are scalable and globally available is crucial to delivering a superior user experience while enabling a strong security posture. By leveraging Google Cloud, Fortinet Universal SASE is even better positioned to serve a more extensive global footprint, ensuring that customers can seamlessly connect and secure their hybrid workforces to critical applications, said Michael Xie, Founder, President, and Chief Technology Officer of Fortinet. This partnership will expand our global POP resources and accelerate customer adoption of Fortinet’s Universal SASE solution. And because our SD-WAN solution is natively integrated with our SASE offering, Fortinet’s global SD-WAN customers now have an even broader ability to easily adopt integrated cloud-delivered security to implement a comprehensive Universal SASE solution. “Organizations worldwide rely on the Google Cloud for critical networking and access,” said Muninder Sambi, Vice President and GM of Networking at Google Cloud. “Our expanded partnership with Fortinet can enable high uptime for customers looking to support their hybrid workforces with Fortinet’s SASE solution, along with the advantages of using Google Cloud’s Cross-Cloud Network, which include lower costs and improved application experiences.” Converging Networking and Security with Fortinet Universal SASE Fortinet’s Universal SASE solution uniquely converges networking and security to support today’s hybrid workforce, expanding network edges and new microbranches to enable secure access to applications while providing high ROI through consolidation and improved digital user experience. Fortinet’s solution includes an extended portfolio of critical technologies and services that enable organizations to adopt a zero-trust security posture by effectively applying and monitoring context-based policies regardless of the resource a user is accessing. Fortinet Universal SASE offers a high-performance and scalable cloud network with best-in-class AI-powered security, unified management, and end-to-end digital experience monitoring to ensure secure access to web, corporate, and SaaS applications. Fortinet is the pioneer and leader of secure SD-WAN, the foundation of its Universal SASE solution. Universal SASE uses the same FortiOS operating system and AI-powered security services as its secure SD-WAN and cloud-delivered security service edge (SSE) solutions. This unique integrated approach extends secure web gateway (SWG), zero-trust network access (ZTNA), cloud access security broker (CASB), and Firewall-as-a-Service (FWaaS) solutions to its Universal SASE solution, enabling seamless connectivity, consistent end-to-end threat protection, and optimal user experience.

Read More

Software Security

BT and Google Cloud Advance Cybersecurity With New Partnership

PR Newswire | October 16, 2023

BT and Google Cloud today announced a new partnership focusing on an enhanced commitment to cybersecurity innovation. Serving customers in more than 180 countries and with a team of 3,000 security professionals, BT works with the security industry's leading vendors to provide managed security solutions to private and public sector organisations around the world. As part of the partnership, BT will become a managed services delivery partner for Google's Autonomic Security Operations (ASO) offering based on Google Chronicle. ASO is a holistic framework that combines principles, practices, and tools that enable organisations to take an adaptive and automated approach to threat management. Underpinned by Chronicle's peta-byte scale detection, a data lake powered by Google Cloud's data and analytics platform BigQuery, and rich, compelling analytics via Looker, the solution decreases the time to detect and respond to threats—which is essential in the face of the increasing volume and complexity of cyber-attacks. Customers will benefit from the new partnership by gaining the technological capabilities of Google Chronicle, combined with BT's track record of delivering cybersecurity services to organisations with complex estates and requirements. Customers will be supported by experts from BT's Security Advisory Services team, who leverage BT's deep experience in security operations and integration to help organisations ensure that they have optimised their wider security architecture to fully align with their priorities and ambition. Combining Google Chronicle's capabilities with BT's view of global networks and experience of providing managed security services is a really exciting prospect. The ASO solution will help our customers to rapidly identify risks and automatically enhance their cyber defences—providing the speed that's essential to combating cyber-attacks. It represents the first step in our partnership with Google Cloud on cybersecurity, with both companies committed to providing new innovations and solutions that help organisations stay ahead of an increasingly threatening cyber threat landscape, said Tris Morgan, Managing Director, Security at BT. "Our partnership brings the best of BT's experience in deploying big data-based security platforms with Google Cloud's innovative security capabilities to help our multinational customers transform their approaches to cyber risk management in the face of a rapidly changing threat landscape," said Magali Bohn, Global Director, Partnerships & Channels at Google Cloud Security. The partnership builds on BT Group and Google's existing relationship to house BT Group's data in Google Cloud to support its analytics and AI ambitions. BT and Google Cloud will also seek to incorporate solutions from Mandiant, a market leader in threat intelligence solutions acquired by Google in 2022, as an additional aspect of the partnership. Finally, BT is working with Google Cloud to trial Google's Vertex AI and Duet AI capabilities.

Read More

More featured news