Noname Security this week extended the reach of its platform for securing application programming interfaces (APIs) to make it easier to discover APIs and visualize the workflows that revolve around them.
Specifically, the company has added to the Noname Security Runtime Protection platform an ability to customize discovery and more flexibly apply tags to track data types. That enables cybersecurity teams to group APIs by application or business unit. In addition, Noname Security has extended the reach of its discovery capabilities to include support for Kubernetes.
Noname Security has also added visualization capabilities that surface business logic, physical network infrastructure and API traffic to better understand interactions and behavior patterns.
Finally, Noname Security has added an ability to inventory APIs within Amazon Web Services (AWS) and Microsoft Azure cloud environments to make it easier to determine the overall size of the defensible attack surface based on connections between APIs and underlying cloud infrastructure.
Noname Security Field CTO Filip Verloy said the company is moving to make it simpler to integrate its platform within application environments that make extensive use of custom APIs. That includes, for example, cloud-native applications based on microservices. That approach will make it simpler for organizations to leverage machine learning algorithms embedded within the Noname Security Runtime Protection platform to secure those APIs alongside APIs created by application and cloud services providers, he noted.
Custom APIs can be especially problematic because they are created by internal development teams that tend to have limited cybersecurity expertise, so mistakes are frequently made. The challenge is that cybercriminals are now focusing on APIs to launch attacks because they provide a mechanism to programmatically exfiltrate data. There is also a tendency to be more lax about securing internally facing APIs; months later, it’s not uncommon for those same APIs to become externally facing as use cases for applications continue to evolve, noted Verloy.
At the same time, organizations need to be more concerned about potential insider threats as the overall economy becomes more unstable, he added.
In general, the overall state of API security is improving as cybersecurity teams collaborate more with application development teams that adopt DevSecOps best practices to build and deploy applications and their associated APIs, noted Verloy. However, most organizations are still in the early stages of implementing those processes, so the level of security applied to APIs is still uneven.
Many cybersecurity teams are finding that, because so many APIs have already been deployed, discovering the number of API endpoints that need to be secured is still a significant challenge. It's not uncommon for developers to have deployed a so-called zombie API that is no longer being supported but nevertheless can be accessed and manipulated by external threat actors.
It may be a while yet before API security gets the full attention it deserves, given all the other priorities cybersecurity teams face. However, as the number of APIs being exposed continues to proliferate, the probability there will be a breach involving one or more of them is only going to increase.