How Penetration Testing Strengthens API Security
Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and gain efficiencies by improving and scaling citizen developers. Watch now.
Last year, Gartner predicted that API attacks would become the most frequent attack vector in 2022. Although it remains unclear if this is the case, considering that exploiting the Twitter API vulnerability exposed the data of 5.4 million users, it's clear they are devastatingly effective.
In an attempt to help security teams deal with these threats, cybersecurity startup Wib today announced the launch of what it claims is the first PenTesting-as-a-service (PTaaS) API ) of the industry, designed to test the security of applications. , API and business logic vulnerabilities.
Wib recently announced a $16M fundraiser and enables users to generate comprehensive API inventory, generate documentation, and improve attack surface visibility.
In this case, penetration testing provides security teams with a more accurate view of their organization's API security posture so they can identify and mitigate potential entry points before cybercriminals can. can exploit them.
EventSmart Security Summit
Learn about the essential role of AI and ML in cybersecurity and industry-specific case studies on December 8. Sign up for your free pass today.
Register now Playing catch-up with API securityThe announcement comes as API attacks continue to rise, with research showing that 94% of organizations have encountered security issues in production APIs.
To make matters worse, many security teams don't know how to respond to these threats, with 61% either having no API security policy or only having a basic plan.
The truth is, many organizations are trying to catch up on API security after embracing cloud computing and microservices.
"Most of these blind spots are exposed when companies adopt an API-centric methodology and move to a microservices-based architecture, which changes their attack surfaces, but their defenses weren't designed for that structure and haven't yet evolved to cover it," said Chuck Herrin, CTO of Wib. "Adoption always exceeds security, and this time is no different. What's different this time around is that API traffic already accounts for 91% of web traffic, while most defenders don't see APIs as an attack vector,” Herrin said.
By offering a purpose-built penetration testing service, Wib gives businesses access to the expertise and technologies they need to detect API-level threats.
After each test, security teams receive a comprehensive assessment report of identified vulnerabilities along with a risk severity score based on NIST's Cyber Matrix Calculator and a remediation roadmap with recommendations on how to mitigate vulnerabilities.
API Security Market ReviewWib is just one of many vendors in the global API security market, which researchers have valued at $783.9 million in 2021 and is predicted to reach a value of $984 .1 million in 2022.
The organization competes against a range of competitors in the market, including Salt Security, which raised $140 million in Series D funding earlier this year, and offers artificial intelligence (AI)...
Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and gain efficiencies by improving and scaling citizen developers. Watch now.
Last year, Gartner predicted that API attacks would become the most frequent attack vector in 2022. Although it remains unclear if this is the case, considering that exploiting the Twitter API vulnerability exposed the data of 5.4 million users, it's clear they are devastatingly effective.
In an attempt to help security teams deal with these threats, cybersecurity startup Wib today announced the launch of what it claims is the first PenTesting-as-a-service (PTaaS) API ) of the industry, designed to test the security of applications. , API and business logic vulnerabilities.
Wib recently announced a $16M fundraiser and enables users to generate comprehensive API inventory, generate documentation, and improve attack surface visibility.
In this case, penetration testing provides security teams with a more accurate view of their organization's API security posture so they can identify and mitigate potential entry points before cybercriminals can. can exploit them.
EventSmart Security Summit
Learn about the essential role of AI and ML in cybersecurity and industry-specific case studies on December 8. Sign up for your free pass today.
Register now Playing catch-up with API securityThe announcement comes as API attacks continue to rise, with research showing that 94% of organizations have encountered security issues in production APIs.
To make matters worse, many security teams don't know how to respond to these threats, with 61% either having no API security policy or only having a basic plan.
The truth is, many organizations are trying to catch up on API security after embracing cloud computing and microservices.
"Most of these blind spots are exposed when companies adopt an API-centric methodology and move to a microservices-based architecture, which changes their attack surfaces, but their defenses weren't designed for that structure and haven't yet evolved to cover it," said Chuck Herrin, CTO of Wib. "Adoption always exceeds security, and this time is no different. What's different this time around is that API traffic already accounts for 91% of web traffic, while most defenders don't see APIs as an attack vector,” Herrin said.
By offering a purpose-built penetration testing service, Wib gives businesses access to the expertise and technologies they need to detect API-level threats.
After each test, security teams receive a comprehensive assessment report of identified vulnerabilities along with a risk severity score based on NIST's Cyber Matrix Calculator and a remediation roadmap with recommendations on how to mitigate vulnerabilities.
API Security Market ReviewWib is just one of many vendors in the global API security market, which researchers have valued at $783.9 million in 2021 and is predicted to reach a value of $984 .1 million in 2022.
The organization competes against a range of competitors in the market, including Salt Security, which raised $140 million in Series D funding earlier this year, and offers artificial intelligence (AI)...
What's Your Reaction?
