Home > News > featured news > Neosec Introduces Automated Tokenization to Enable Full API Visibility Without Exposure of Sensitive Data

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Neosec Introduces Automated Tokenization to Enable Full API Visibility Without Exposure of Sensitive Data

Neosec | November 16, 2022 | Read time : 03:50 min

Neosec, the pioneer in discovering and identifying API threats using behavioral analytics, today announced that it now tokenizes API activity data to enable organizations to fully see and store API data, removing the possibility of keeping sensitive data at-rest.

Today, many organizations are blind to the threats lurking within their API traffic. Even worse, organizations are forced to implement basic logging of its API traffic that doesn't contain the meaningful information about who accessed, what records were accessed or manipulated and how. There exists a justified fear of logging sensitive data or being out of compliance, and with the lack of technology that can perform it at scale, they prefer to log with low fidelity. Those logs tell you that "somebody modified or accessed a record" but typically don't disclose who accessed it, which record, or what action was performed.

This decision also results in a downstream issue of "insufficient logging", which is noted by the Open Web Application Security Project as one of the top security problems in its 2021 OWASP API Top 10. "Insufficient logging" is poor for incident forensics and, in practice, means that you can't detect abuse or investigate a case, even if you know it happened.

Tokenization is the process of substituting a sensitive data element, like a credit card number, for a non-sensitive equivalent that has no intrinsic or exploitable value or meaning. Neosec's automated tokenization is part of its 'privacy by design' philosophy and is already deployed successfully at customers around the world in financial services, insurance and hospitality companies among others.

The process allows retaining tokenized API activity data for the purposes of performing true behavioral analytics over time, ensures that sensitive data is never stored at rest, and enables only the customer to de-tokenize, based on the strictest data privacy practices.

"Solving API security starts with basic visibility and the ability to see how the APIs are used. The problem is that virtually every company logs API activity with low fidelity that doesn't enable this basic visibility. "In order to perform true behavioral analytics and investigate cases you must store and examine historical data. But if this analysis is performed on un-tokenized data you risk storing PII and creating compliance issues. Neosec successfully retains all API activity data, in the highest fidelity, and ensures it meets data privacy standards."

Giora Engel, co-founder and chief executive officer, Neosec

This focus on data and the visibility it brings is what previously defined the creation of the EDR (Endpoint Detection & Response) security space. "Trying to implement API security without enabling basic visibility of activity is like going back to the antivirus age before the advent of EDR. Visibility into API activity allows you to detect threats, understand behavior, investigate and remediate" said Engel.

The Neosec API security solution discovers and maintains an up-to-date inventory of all APIs in use by an organization and then uses machine learning and behavioral analytics on tokenized data to find fraud and abuse by third parties and attackers. Neosec also enables proactive API threat hunting and investigations without storing any sensitive data.

The automated API data tokenization is now a capability of the Neosec platform and is fully available. There is no extra cost for use of this unique capability.

About Neosec
Neosec is re-inventing application security with a powerful platform that unifies security and development teams to protect modern applications from threats. The foundation of the SaaS platform is built on data and analytics to manage security at scale. Neosec prevents threats from abusing the complex network of APIs that connect today's businesses. The platform helps organizations discover every API and audit risk. Neosec has pioneered the use of behavioral analytics to understand normal versus abnormal API usage and delivers powerful threat hunting capabilities together with a team of expert threat hunters. Neosec prevents threats and stops abuse hiding within APIs and brings new intelligence to application security. Neosec is based in Palo Alto, California with R&D in Tel Aviv, Israel.

Spotlight

2023 Data Protection Trends Executive Brief United States Edition

In late 2022, an independent research firm completed their survey of 4,200 unbiased IT leaders and implementers on a variety of data protection drivers, challenges, and strategies — including 1175 in United States. This broad-based market study on unbiased organizations is conducted annually on Veeam’s behalf to understand how the data protection market continues to evolve, so that Veeam can ensure product strategies and market initiatives align with where the market is going.

More featured news

Spotlight

2023 Data Protection Trends Executive Brief United States Edition

Related News

DATA SECURITY, SOFTWARE SECURITY

Virtru Joins NIST NCCoE Data Security Consortium

Virtru | March 03, 2023

On March 2, 2023, Virtru, a prominent figure in data-centric security and privacy, announced its involvement in NIST's National Cybersecurity Center of Excellence (NCCoE) Data Classification Practices: Facilitating Data-Centric Security Management initiative. As part of a team of global technology leaders, Virtru will collaborate with NIST to develop recommended data classification and data-centric security practices, which will protect data while supporting business practices and transactions. The goal of this collaborative effort is to promote data-centric security on a larger scale. As systems become more mobile, dispersed and shared across different environments and stewardship, traditional network-centric security measures are increasingly ineffective at protecting information. Data-centric security aims to safeguard data at the object level by securing it directly rather than simply securing the systems and networks that store and transmit it. Organizations employing this approach can identify their data, its characteristics, and the security and privacy requirements needed to control and protect it fully. Virtru has a long-standing history of partnering with the public- and private-sector organizations to achieve data-centric security, serving the federal intelligence community, the largest financial institutions globally, and over 8,000 organizations worldwide. Virtru's technology enables organizations to enforce policy, encryption and access controls directly to data being transmitted via files, emails and SaaS applications while allowing organizations to manage their encryption keys for complete control and data sovereignty. Virtru's Chief Technology Officer, Will Ackerly, commented, "Data-centric security is central to everything we do at Virtru," He further emphasized, "Our goal is to enable the mission — that means moving data freely, but securely. Being a member of NIST's NCCoE Data Classification project is a manifestation of more than a decade of hard work. By tagging data appropriately, we can help ensure public- and private-sector organizations can trust that their data will be used and shared appropriately, just as the data creator intended. This is vital to the future of collaboration." (Source – Globe Newswire) About Virtru Virtru is a leading data security and privacy solutions provider. With end-to-end encryption for major data-sharing platforms like Microsoft and Google, it helps customers take charge of their data wherever it is shared. It empowers organizations to keep control of their data by ensuring that it is protected everywhere it is stored and shared. The company is trusted by over 8,000 customers worldwide and is dedicated to safeguarding their sensitive data according to the highest security standards. Its Trusted Data Format (TDF) is an industry standard that provides persistent data protection through encryption technology for data shared via email, collaboration tools, cloud environments, and enterprise SaaS applications.

DATA SECURITY, ENTERPRISE SECURITY

IronNet Signs Contract to Enhance Cybersecurity of U.S. NAVSEA

IronNet | February 13, 2023

IronNet, Inc. (IronNet), a pioneer in transforming cybersecurity through collective defense℠, recently announced the execution of an initial federal contract to deliver cybersecurity services to the United States Navy's Naval Sea Systems Command (NAVSEA), the largest of the Navy's five "systems commands." The agreement was entered following the successful completion of a pilot program that provided NAVSEA with the IronNet Collective Defense Platform. As nation-state cyber threats against the Defense Industrial Base (DIB) program of the Department of Defense (DoD) continue to increase, IronNet strengthens the DIB's cybersecurity prevention and protection of third-party and supply chain cyber risk. This support corresponds with the DoD's initiatives to encourage DIB entities to provide information and share anonymized cyber threat indicators that they deem helpful for notifying the government and others in order to counter threat actor activities more effectively. The IronNet Collective Defense Platform will allow each contractor in the NAVSEA DIB program to boost its network threat visibility while also integrating them in real-time through a private IronNet Collective Defense Community for NAVSEA. Through linked alerts, automated triage, and extended hunt assistance, the IronNet Collective Defense Platform acts as an early warning system for all participating corporations and organizations, increasing network security. In addition, IronNet's platform was recently updated to increase alert fidelity and analyst workflow by strengthening embedded risk scoring for more accessible alert prioritizing. These improvements result in much lower alert loads, false positives, and a shorter time to investigate. NAVSEA will have enhanced visibility of the current threat landscape, with situational context, thanks to the IronNet Collective Defense Platform, and will be able to increase the effectiveness of existing defenses and cybersecurity solutions used by its DIB contractors. Continuous monitoring of known and undiscovered threats contributes to meeting Cybersecurity Maturity Model Certification (CMMC) parameters. The IronNet Collective Defense Platform offers timely actionable, and relevant cyber attack intelligence earlier in case of an incursion before a threat can have a substantial impact, allowing DIB firms and the Navy to defend US Naval intellectual property better. About IronNet IronNet, founded in 2014, is a leading cybersecurity company transforming how businesses, industries, and governments safeguard their networks. It leverages the abilities of its top-tier cybersecurity operators' real-world, public and private sector, offensive and defensive cyber expertise and integrates their deep tradecraft knowledge into its industry-leading solutions to address the most complex cyber challenges affecting business today. The company's solutions use behavioral analytics, artificial intelligence and machine learning techniques to assist private and public companies in discovering unexpected risks across critical infrastructure.

DATA SECURITY, ENTERPRISE SECURITY, SOFTWARE SECURITY

Edgio Enhances Its Security Platform Capabilities to Improve Edge Security

Edgio | February 28, 2023

On February 27, 2023, Edgio, Inc. announced major enhancements to its security platform to enable enterprises to better identify and respond to emerging threats while ensuring the integrity, confidentiality, and availability of their data and applications. The platform's new capabilities aim to reduce the damage caused by the upsurge in the severity of Distributed Denial of Service (DDoS) and other advanced application attacks. Edgio's DDoS scrubbing solution delivers dedicated DDoS mitigation capacity that safeguards all protocols and direct-to-origin attacks, complementing Edgio's 250+ Tbps edge network to provide full-spectrum DDoS protection. Furthermore, the new enhancements to its Web Application and API Protection (WAAP) capabilities include advanced outbound data leak prevention, rule customizer, enhanced configurability, proxy detection and region code support to help customers comply with geographical compliance rules. DDoS attacks are on the rise, and according to the 2022 Verizon Data Breach Investigations Report, the top security threat is a DDoS attack. The addition of Edgio's DDoS scrubbing solution ensures maximum resiliency and uptime of customers' networks and applications by providing full-spectrum protection against all networks and applications, including direct-to-origin network attacks against non-web applications. Moreover, the new outbound security rules with added outbound traffic scan prevent attackers from causing a data breach by exploiting known vulnerabilities, thereby offering an additional layer of protection for confidential customer data and preventing the customer from executing malicious code. Additionally, Edgio can now detect and block requests originating from anonymous proxies, therefore allowing additional control over access to customers' applications. Edgio's advanced rules customizer allows customers to control the sensitivity of individual security rules and increases its accuracy while minimizing false positives. Finally, enhanced configuration management enables developers to directly import and export configuration JSON via UI and API to deploy protection for new applications rapidly. Edgio also enables clients to control access to their applications through advanced access control rules. The latest enhancements now support more profound regional control, down to the province or region level, in its custom security rules and WAAP's access rules, supporting ongoing compliance requirements in the modern geopolitical environment. About Edgio Headquartered in Phoenix, AZ, Edgio helps companies deliver online experiences and content safer, faster and with more control. Its globally scaled edge network and integrated media and application solutions provide businesses with the tools necessary to deliver high-performance, secure web properties and streaming content quickly and securely. The company's platform and suite of edge services enable enterprises to boost their revenue and overall business value by delivering their content more efficiently and securely. Companies across various industries, including entertainment, technology, retail, and finance, depend on Edgio's technology and services to defend and accelerate their online properties.