APIs are considered the backbone of seamless data exchange between software systems, powering the modern applications and services people rely on. However, a concerning trend is emerging as cybercriminals increasingly target APIs as their favored attack surface.
Organizations are inadvertently leaving their APIs susceptible to breaches, paving the way for cybercriminals to infiltrate systems, compromise sensitive data, and unleash damaging attacks. With the absence of robust security monitoring, suspicious activities and unauthorized access attempts often go unnoticed, providing hackers with ample time to exploit vulnerabilities and carry out their malicious activities undetected.
Aware of this concerning trend, Graylog, a provider of SIEM and log management solutions, broadened its security portfolio with the acquisition of Resurface.io’s data-driven API security platform. The acquisition enables Graylog to deliver a comprehensive API security threat detection and incident response platform, Graylog API Security, to combat the challenges in the API security landscape.
Graylog API Security comes with a range of key advantages. The solution offers guided threat detection and response, which includes pre-configured alerts tailored to each API. These alerts provide clear explanations and actionable steps, ensuring efficient handling of potential threats with comprehensive coverage of OWASP Top 10 vulnerabilities.
Another feature is continuous, uninterrupted monitoring. Through runtime scanning, this solution enables real-time threat detection without impacting application performance, regardless of the number of threat signatures being checked.
Graylog's API Security solution provides full request and response payload analysis. This approach goes beyond request header data and includes sampling and modeling. It facilitates precise alerts, efficient retroactive threat hunting, comprehensive incident investigation forensics and insightful trend analysis.
The solution also offers a secure self-managed approach, allowing organizations to keep sensitive data in-house. By avoiding third-party disruptions and addressing concerns related to personally identifiable information, organizations eliminate the complexities and regulatory requirements often associated with SaaS security reviews.
Additionally, Graylog's API Security solution ensures effortless implementation and maintenance. With its self-contained security data lake and modern Kubernetes architecture, even smaller enterprises can easily set up and manage the solution without significant challenges or high costs.
“APIs have rapidly become a favored attack surface for cyber criminals. What is needed is a purpose-built API security solution that is focused on the detection of and response to API-specific threats, working in concert with a SIEM to provide a more complete defense,” said Graylog CEO Andy Grolnick. “Integrating Resurface.io’s data-driven API security solution with Graylog’s SIEM platform will empower organizations to proactively safeguard their APIs.”
What sets Graylog API Security apart from other API solutions is that it works with existing web application firewall and API gateways to provide an additional layer of defense that can also address sophisticated attacks from authenticated users (who often gain entry as trial users, partners and paying customers). This minimizes disruption to the security team with improvements to the organization’s overall security posture achieved in minutes.
“The Resurface API technology and solution will enable Graylog to reach a broader audience, accelerate product advancements and provide customers unparalleled API ecosystem protection,” said Rob Dickinson, founder of Resurface.io.
As APIs continue to be one of the most exposed attack surfaces, the distinct expertise and innovative technologies of Resurface.io (combined with Graylog) will help customers fortify their defenses against API-related threats.
Edited by
Alex Passett
