Addressing Growing API Threats: Graylog Acquires Resurface.io's API Security Solution

Addressing Growing API Threats: Graylog Acquires Resurface.io's API Security Solution

By Greg Tavarez

APIs are considered the backbone of seamless data exchange between software systems, powering the modern applications and services people rely on. However, a concerning trend is emerging as cybercriminals increasingly target APIs as their favored attack surface.

Organizations are inadvertently leaving their APIs susceptible to breaches, paving the way for cybercriminals to infiltrate systems, compromise sensitive data, and unleash damaging attacks. With the absence of robust security monitoring, suspicious activities and unauthorized access attempts often go unnoticed, providing hackers with ample time to exploit vulnerabilities and carry out their malicious activities undetected.

Aware of this concerning trend, Graylog, a provider of SIEM and log management solutions, broadened its security portfolio with the acquisition of Resurface.io’s data-driven API security platform. The acquisition enables Graylog to deliver a comprehensive API security threat detection and incident response platform, Graylog API Security, to combat the challenges in the API security landscape.

Graylog API Security comes with a range of key advantages. The solution offers guided threat detection and response, which includes pre-configured alerts tailored to each API. These alerts provide clear explanations and actionable steps, ensuring efficient handling of potential threats with comprehensive coverage of OWASP Top 10 vulnerabilities.

Another feature is continuous, uninterrupted monitoring. Through runtime scanning, this solution enables real-time threat detection without impacting application performance, regardless of the number of threat signatures being checked.

Graylog's API Security solution provides full request and response payload analysis. This approach goes beyond request header data and includes sampling and modeling. It facilitates precise alerts, efficient retroactive threat hunting, comprehensive incident investigation forensics and insightful trend analysis.

The solution also offers a secure self-managed approach, allowing organizations to keep sensitive data in-house. By avoiding third-party disruptions and addressing concerns related to personally identifiable information, organizations eliminate the complexities and regulatory requirements often associated with SaaS security reviews.

Additionally, Graylog's API Security solution ensures effortless implementation and maintenance. With its self-contained security data lake and modern Kubernetes architecture, even smaller enterprises can easily set up and manage the solution without significant challenges or high costs.

“APIs have rapidly become a favored attack surface for cyber criminals. What is needed is a purpose-built API security solution that is focused on the detection of and response to API-specific threats, working in concert with a SIEM to provide a more complete defense,” said Graylog CEO Andy Grolnick. “Integrating Resurface.io’s data-driven API security solution with Graylog’s SIEM platform will empower organizations to proactively safeguard their APIs.”

What sets Graylog API Security apart from other API solutions is that it works with existing web application firewall and API gateways to provide an additional layer of defense that can also address sophisticated attacks from authenticated users (who often gain entry as trial users, partners and paying customers). This minimizes disruption to the security team with improvements to the organization’s overall security posture achieved in minutes.

“The Resurface API technology and solution will enable Graylog to reach a broader audience, accelerate product advancements and provide customers unparalleled API ecosystem protection,” said Rob Dickinson, founder of Resurface.io.

As APIs continue to be one of the most exposed attack surfaces, the distinct expertise and innovative technologies of Resurface.io (combined with Graylog) will help customers fortify their defenses against API-related threats.




Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

SHARE THIS ARTICLE
Related Articles

SonicWall Powers Secure Access for Missouri MSP, Improving Cybersecurity and Network Access for Clients

By: Erik Linask    6/27/2025

With SonicWall, Stronghold Data delivers a modern, secure remote access solution that ensures access to networks and resources and improves cybersecur…

Read More

Guardz Unleashes AI-Driven ITDR to Combat Escalating Identity-Based Threats

By: Erik Linask    6/26/2025

The launch of Identity Threat Detection and Response (ITDR) gives MSPs the tools to defend SMBs against increasingly sophisticated attacks targeting u…

Read More

Barracuda Managed Vulnerability Security: A Proactive Shield Against Escalating Cyber Threats

By: Erik Linask    6/26/2025

Barracuda's Managed Vulnerability Security is a fully managed scanning and risk assessment service powered by its global SOC.

Read More

Can MSPs Cut Microsoft Teams Incident Management Time by 50%? Martello Says Yes

By: Erik Linask    6/18/2025

New research shows MSPs can achieve a 50% reduction in labor required for Microsoft Teams incident management by using proactive monitoring and advanc…

Read More

Supercharging Your MSP with AI at SuperSummit 2025 in Dallas

By: Erik Linask    6/18/2025

SuperSummit 2025 features targeted content and education to help MSPs capitalize on the AI revolution to improve there businesses models and operation…

Read More