GEC NEWS WIREQualys has unveiled its new API security platform, which utilizes AI-driven scanning and deep learning techniques for web malware detection. This advanced platform is designed to protect web applications and APIs across all aspects of the attack surface, including on-premises web servers, databases, hybrid and multi-cloud environments, API gateways, containerized architectures, and microservices.
APIs are integral to digital transformation initiatives across industries. The latest data indicates that over 83% of web traffic now comprises API traffic, highlighting their critical role in modern web applications using microservices, cloud, and hybrid environments. However, this also underscores the vulnerabilities that accompany their widespread adoption.
“Many organizations use a variety of security tools, such as SAST, DAST, SCA, or point solutions for API security that often operate in isolation, without a unified platform to integrate their findings. Moreover, the absence of integration between these tools leads to a fragmented view of the application security posture and results in uncoordinated efforts and gaps in security coverage. Similarly, SAST & DAST tools offer limited coverage for API-specific issues and focus predominantly on code vulnerabilities,” commented Kunal Modasiya, Vice President, Product Management, CyberSecurity Asset Management, Qualys.
Qualys API security addresses and allows organizations to:
- Measure API risks across all attack surfaces with a unified view of API security by discovering & monitoring every API asset across diverse environments, enabling better decision-making and faster response times.
- Communicate API risks like OWASP API Top 10 vulnerabilities & drift from OpenAPI specs with real-time threat detection and response, minimizing the risk window and enhancing overall security.
- Eliminate API risks with integrated workflows supporting Shift-Left & Shift-Right practices, bridging the gap between IT and security teams, promoting seamless collaboration, and improving operational efficiency.
