Addressing Growing API Threats: Graylog Acquires Resurface.io's API Security Solution

Addressing Growing API Threats: Graylog Acquires Resurface.io's API Security Solution

By Greg Tavarez

APIs are considered the backbone of seamless data exchange between software systems, powering the modern applications and services people rely on. However, a concerning trend is emerging as cybercriminals increasingly target APIs as their favored attack surface.

Organizations are inadvertently leaving their APIs susceptible to breaches, paving the way for cybercriminals to infiltrate systems, compromise sensitive data, and unleash damaging attacks. With the absence of robust security monitoring, suspicious activities and unauthorized access attempts often go unnoticed, providing hackers with ample time to exploit vulnerabilities and carry out their malicious activities undetected.

Aware of this concerning trend, Graylog, a provider of SIEM and log management solutions, broadened its security portfolio with the acquisition of Resurface.io’s data-driven API security platform. The acquisition enables Graylog to deliver a comprehensive API security threat detection and incident response platform, Graylog API Security, to combat the challenges in the API security landscape.

Graylog API Security comes with a range of key advantages. The solution offers guided threat detection and response, which includes pre-configured alerts tailored to each API. These alerts provide clear explanations and actionable steps, ensuring efficient handling of potential threats with comprehensive coverage of OWASP Top 10 vulnerabilities.

Another feature is continuous, uninterrupted monitoring. Through runtime scanning, this solution enables real-time threat detection without impacting application performance, regardless of the number of threat signatures being checked.

Graylog's API Security solution provides full request and response payload analysis. This approach goes beyond request header data and includes sampling and modeling. It facilitates precise alerts, efficient retroactive threat hunting, comprehensive incident investigation forensics and insightful trend analysis.

The solution also offers a secure self-managed approach, allowing organizations to keep sensitive data in-house. By avoiding third-party disruptions and addressing concerns related to personally identifiable information, organizations eliminate the complexities and regulatory requirements often associated with SaaS security reviews.

Additionally, Graylog's API Security solution ensures effortless implementation and maintenance. With its self-contained security data lake and modern Kubernetes architecture, even smaller enterprises can easily set up and manage the solution without significant challenges or high costs.

“APIs have rapidly become a favored attack surface for cyber criminals. What is needed is a purpose-built API security solution that is focused on the detection of and response to API-specific threats, working in concert with a SIEM to provide a more complete defense,” said Graylog CEO Andy Grolnick. “Integrating Resurface.io’s data-driven API security solution with Graylog’s SIEM platform will empower organizations to proactively safeguard their APIs.”

What sets Graylog API Security apart from other API solutions is that it works with existing web application firewall and API gateways to provide an additional layer of defense that can also address sophisticated attacks from authenticated users (who often gain entry as trial users, partners and paying customers). This minimizes disruption to the security team with improvements to the organization’s overall security posture achieved in minutes.

“The Resurface API technology and solution will enable Graylog to reach a broader audience, accelerate product advancements and provide customers unparalleled API ecosystem protection,” said Rob Dickinson, founder of Resurface.io.

As APIs continue to be one of the most exposed attack surfaces, the distinct expertise and innovative technologies of Resurface.io (combined with Graylog) will help customers fortify their defenses against API-related threats.




Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

SHARE THIS ARTICLE
Related Articles

LogMeIn Rescue, to the Rescue: Forrester Studies GoTo's Support Capabilities

By: Alex Passett    9/22/2023

Over a period of three years, a Forrester Total Economic Impact (TEI) study examined the business and financial benefits of LogMeIn Rescue, a flagship…

Read More

Canadian Managed IT Services Gear Up for Cybersecurity Awareness Month

By: Contributing Writer    9/22/2023

October, prominently known as Cybersecurity Awareness Month, is an annual observance and an intensified rally for Canada's premier IT service provider…

Read More

ITEXPO Exhibitor RingLogix Looks to TeamMate to Open New Possibilities for MSPs

By: Greg Tavarez    9/21/2023

The RingLogix and TeamMate collaboration enables MSPs to get the most out of Microsoft Teams as a collaboration solution.

Read More

Acronis Introduces Advanced Automation for MSPs

By: Stefania Viscusi    9/21/2023

Acronis Advanced Automation addresses a common challenge faced by MSPs, the increasing complexities businesses face with so many different initiatives…

Read More

Comprehensive Cybersecurity Solutions: Rackspace Taps Palo Alto Networks

By: Alex Passett    9/20/2023

Strengthening organizations' abilities to stay ahead of progressively evolving cyber threats and attackers is key. That's why Rackspace Technology has…

Read More