API Security: Separating Truth from Fiction
- LANGUAGE: English DATE: Thursday, March 14, 2019 TIME: 4:00pm CET, 11:00am EDT, 8:00am PDT
Unfortunately, the rapidly growing need to expose and consume various APIs as quickly and easily as possible has led to various compromises often made at different stages of architecting modern IT systems. Notably, for many businesses, the very notion of API security is still something completely foreign or an afterthought at best. There are quite a few common misconceptions surrounding this topic, such as the idea that existing security tools like web application firewalls or antiviruses are perfectly capable of securing APIs or that the whole issue can be avoided by simply not exposing an API to the world.
As the latest high-profile security breaches where APIs were used as the primary attack vector indicate, this cannot be further from the truth. Securing your APIs properly should always start with a strategy that incorporates both existing tools as well as specialized API security solutions that can analyze, harden, monitor and defend your APIs across their full lifecycle. And don’t forget that 3rd party APIs that your business relies upon must be protected just as carefully as your own.
Join this KuppingerCole webinar where we’ll discuss the following topics:
- The extent of API proliferation in modern businesses and the risks of not having them under control;
- Modern API standards (and lack thereof) and specific security challenges APIs are facing;
- Common misconceptions about securing APIs and how to separate truth from fiction;
- The scope of API security and the evolution of API security tools and solutions;
- Designing a comprehensive API strategy that involves every responsible party;
- Practical recommendations that you can start implementing right after this webinar.
In the first part of the webinar, Alexei Balaganski, Lead Analyst at KuppingerCole, will provide a general overview of the recent developments and security challenges for the API economy. He will talk about the importance of a proper API security strategy that combines not just tools, but people and processes across multiple business units of your company.
In the second part, Isabelle Mauny, co-founder and Chief Product Officer of 42Crunch, will present the alternative approach towards API security that spans across the whole API lifecycle and ensures continuous protection during development, deployment and production runtime of any business-critical API. She will offer practical recommendations and talk about concrete API security policies based on industry best practices.
The 42Crunch platform offers a set of integrated services that can be leveraged as part of the APIs’ DevSecOps cycle:
* API Contract Security Audit: An exhaustive security audit of the OpenAPI definition, with detailed security scoring that helps developers define and strengthen their API contracts.
* API Contract Conformance Scan: A scan of live API endpoints that discovers potential vulnerabilities and discrepancies in your API implementation against the API contract.
* API Protection: A straightforward and easy way to protect APIs and apply policies that can be deployed in our lightweight, low-latency, API-native micro firewall. API Firewall automatically enforces traffic based on your API contract and applies security policies to protect API endpoints wherever they are.
In a single decade, Application Programming Interfaces (APIs) have evolved from a purely technical concept into one of the foundations of modern digital business, delivering operational efficiency, scalability and profitability to companies from various industries. Nowadays, everything is API-enabled: corporate data is the product and APIs are the logistics of delivering it to customers and partners.
Blockchain is still on everyone’s lips and the 2019 can be the year when large enterprises finally embrace the distributed ledger technology. KuppingerCole's inaugural blockchain-themed event will go beyond the hype and will present you real use cases and applications for your enterprise. Blockchain Enterprise Days (#BeDays19) will take place on September 18-19, 2019 in Frankfurt, Germany.