Invicti Expands App Security Platform with Comprehensive API Security
Txylo.com/10281584

Trending...
AUSTIN, Texas, July 16, 2024 ~ Invicti, the leading provider of application security testing solutions, has announced the launch of Invicti API Security. This new solution combines comprehensive API discovery with proactive security testing to address the growing concerns around API security.

The rise of service-based architectures has led to a significant increase in APIs, creating yet another attack surface for security teams to manage. As development teams turn to AI code assistants for increased productivity, the creation of APIs is accelerating. However, while these AI code assistants may boost developer productivity, they are not yet able to consistently generate secure application code or secure APIs. This leaves organizations vulnerable to potential attacks from vulnerable APIs deployed in their web services.

According to a report by ESG titled "Securing The API Attack Surface," 76% of organizations have an average of 26 APIs per application deployed. Many of these APIs are undocumented and unmonitored, making it challenging for security teams to confidently and quickly identify and test them for vulnerabilities. With Invicti API Security, organizations can now have comprehensive API discovery alongside proactive security testing.

More on Txylo.com
Invicti API Security offers multiple methods for discovering known and undocumented APIs, including zero-configuration discovery that identifies API specifications and scans cloud environments for accessible paths. It also integrates with API management systems to fetch and sync accurate and up-to-date API specifications into inventory. Additionally, network API traffic analysis is used to identify and reconstruct API calls into definition files based on observed traffic.

Neil Roseman, CEO at Invicti, stated that with the extensive API discovery capabilities of the Invicti Platform, they can now offer a tool consolidation option by combining web application and API security into a single solution. He also added that as tool sprawl and budgetary constraints continue to grow, CISOs can rely on Invicti's solution to address their organization's growing concerns around API security while reducing tool complexity for their team.

For decades, Invicti has been known for its web application security testing coverage, accuracy, speed, and scale. The addition of continuous automated discovery, proof-based scanning to verify critical vulnerabilities for developers, and Predictive Risk Scoring for advanced prioritization efforts has provided customers with a unique set of benefits. These web application security benefits can now be combined with API discovery and security testing.

More on Txylo.com
Melinda Marks, Practice Director of Cybersecurity at ESG, highlighted the increasing concern among security leaders about API security and their ability to protect sensitive data. She explained that as developers continue to build feature-rich applications with integrations and communications to resources, the proliferation of APIs, especially unknown shadow APIs, creates a significant attack surface. The multi-layer discovery method used by Invicti helps organizations thoroughly identify APIs and deliver secure applications.

Invicti API Security is available to all Invicti customers across both Acunetix and Invicti (formerly Netsparker) product lines. Existing customers can extend their use of the Invicti platform by adding this new solution. New customers have the option to purchase it as a combination of web application and API security or as a standalone API Security option. With this new solution, organizations can now have peace of mind knowing that their APIs are thoroughly tested for vulnerabilities before being deployed into their web services.
Filed Under: Business

Show All News | Report Violation

0 Comments

Latest on Txylo.com