Unveiled at Apidays Paris, the latest version of API secure shines light on complex API exploits to help IT security teams easily digest and understand full-stack attack chain
Data Theorem, Inc., a leading provider of modern application security, introduced the industry’s first API Attack Path Visualization capabilities for protecting APIs and the software supply chain. This latest enhancement of its award-winning API Secure solution empowers organizations with a first-ever comprehensive understanding of the attack chain, traversing all layers of an application and extending protection to crucial underlying cloud assets, including containers, storage, databases, and serverless functions.
Launched today at Apidays Paris, Data Theorem will unveil and demonstrate these industry-first API and software supply chain protection capabilities in its Booth No. 5 this week.
As cyber threats evolve in sophistication, especially in the era of generative AI, understanding the complete attack path has become paramount for organizations to fortify their digital defenses. As a result of today’s launch, Data Theorem’s API Secure, renowned for its robust API discovery, security testing, and protection capabilities, now introduces API Attack Path Visualization to provide organizations with an unparalleled depth of insight into potential vulnerabilities and their potential impact. These new full-stack visualization capabilities start with API exploits and expand to the broader perspective of how vulnerabilities impact mobile, web, serverless, and various cloud-native applications.
According to Gartner, “75% of organizations that run cloud-native applications in production still use web application firewalls (WAFs) or web application and API protection (WAAP) tools to protect their applications during runtime. Attackers have shifted their attention to applications, making it evident that security leaders must focus on application protection. Security and risk management leaders must innovate their approaches to application runtime protection and avoid stacking multiple functionally similar, overlapping products.” 1
Key features of API Secure’s new Attack Path Visualization capabilities include:
- Deeper Understanding: Gain a full-stack view of the attack chain from client to infrastructure layers, allowing for a more in-depth analysis of potential security risks and impacts.
- Broader Coverage: Extend visibility beyond the API layer to encompass underlying cloud assets, ensuring a holistic understanding of the entire application ecosystem.
- Visual Clarity: Intuitive visualizations uniquely make complex attack paths easily digestible, enabling security teams to make informed decisions quickly and precisely.
- Real-Time Monitoring: Keep abreast of dynamic threat landscapes with real-time monitoring, allowing for proactive observability and threat mitigation.
- Integration Capabilities: Seamlessly integrate API Attack Path Visualization into existing workflows, CI/CD tools, and traditional security tools like web application firewalls (WAF) for alerting and blocking to streamline and make efficient API protection practices.
“Data Theorem is committed to staying at the forefront of API security innovations, and our latest addition of the industry’s first API Attack Path Visualization for API Secure exemplifies this dedication,” said Doug Dooley, COO at Data Theorem. “By providing our customers with a holistic full-stack view of the attack surface, including underlying cloud assets, we empower them to proactively safeguard their cloud-centric applications against evolving threats like never before.”
According to Gartner, “Modern application protection tools must support these organizational changes and perform one or ideally more of the following functionalities – Discovery: identifying and classifying assets; Posture management: identifying security misconfigurations and proposing fixes; Detection and response: identifying and reporting (or blocking) anomalous or suspicious behavior.”
Data Theorem’s API Secure delivers discovery, posture management, and detection and response as a base offering, with enhanced protection and an industry’s first API Attack Path Visualization with this latest release. This groundbreaking enhancement helping protect modern applications reaffirms Data Theorem’s position as a leader in API security, continuously innovating and providing organizations with the tools they need to navigate the complex landscape of modern cybersecurity threats.
Data Theorem’s broad AppSec portfolio protects organizations from data breaches with application security testing and protection for modern web frameworks, API-driven microservices, and cloud resources. Its solutions are powered by its award-winning Analyzer Engine, which leverages a new type of dynamic and runtime analysis fully integrated into the CI/CD process and enables organizations to conduct continuous, automated security inspection and remediation. Data Theorem is one of the first vendors to provide a full-stack application security analyzer that connects attack surfaces of applications starting at the client layers found in mobile and web, the network layers found in APIs, and the infrastructure layers found in cloud services.
