PingIntelligence for APIs Now Integrates with IBM’s API Connect and DataPower Gateway to Provide Advanced AI-powered API Threat Detection and Blocking
Ping Identity, the leader in Identity Defined Security, announced that its AI-powered API security solution, PingIntelligence for APIs, now tightly integrates with IBM’s API Connect and DataPower Gateway to provide IBM customers advanced cyber protection for their API infrastructures.
Security breaches that originate at the API level—like those announced by Facebook, Google and USPS most recently (see Forbes article)—can take months or even years to be detected. The problem is perpetuated by security and IT professionals’ lack of visibility into their API infrastructure activity. According to a recent Ping Identity survey, nearly half (45 percent) of those entrusted with API security lack confidence in their ability to detect malicious API activity, and 51 percent question if they even know about all of the APIs in their organizations.
When evaluating the attack surface presented by your APIs, bad actors might find a number of ways to gain access. But their efforts generally follow four patterns:
Login Attacks – Attacks on login and authentication systems are a natural starting point as they’re difficult to detect and stop with existing API security solutions. Bad actors attempt to find a “way in” to access the digital resources linked to APIs by using brute force and automated credential stuffing attacks.
DoS and DDoS Attacks – An API DDoS attack typically involves sending traffic from multiple clients to overload an API service. Hackers most often execute these attacks using botnets trained to detect and stay under rate-limiting controls to maximize effectiveness—while rendering all existing DoS/DDoS protection solutions useless.
Application and Data Attacks – Phishing, malware and man-in-the-middle attacks are often used to trick users into connecting to a compromised system, which then captures their tokens, credentials and API keys. The hacker, posing as the authenticated user, is then able to gain access to API services unbeknownst to the API management system. Since APIs expose a range of functions, attackers can subsequently engage in data extraction or theft, data deletion or manipulation, account takeover, data injection into an application service, malicious code injection into an application service, remote application or system control, or other application and data attacks.
API Take-Over Attacks – These attacks use a valid account for a social site, a bank, an insurance company, a healthcare provider or other services to gain access to the APIs with the objective to reverse engineer them and find a vulnerability that they can exploit to gain access to most other accounts. This is the attack type that has been used successfully in almost all recent public breaches.
Identify API misuse and abuse—whether internal or external
Detect, report and block anomalous behaviors and attacks such as API takeovers that steal data and private information
Discover and secure new APIs
The tight integration of PingIntelligence with the API Connect/DataPower Gateway from IBM brings AI-based cybersecurity protection to IBM customers’ APIs. The Ping solution detects and reports anomalous behavior and cyberattacks on each API under its watch. Once detected, the attack information is shared with the API Connect/DataPower gateway for automated blocking. These include attacks on login systems, data theft, remote application control, API-specific DoS/DDoS attacks, stolen credential attacks, data exfiltration over extended periods of time, content scraping and more. The integrated solution provides cluster-based scalability, as well as support for multi-cloud and hybrid deployments.
“Security and IT leaders are being challenged to protect their enterprises’ API infrastructures,” said Bernard Harguindeguy (@bernardh_), CTO, Ping Identity. “The integration of PingIntelligence for APIs with IBM API Connect and DataPower Gateway gives these professionals the most advanced and robust AI-powered API security available today, so they can secure their environments against the new generation of cyberattacks that target APIs.”
Ozair Sheikh (@ozairsheikh), Program Director, APIs and Gateway for IBM, adds, “The partnership between IBM and Ping Identity delivers the next-level of threat detection and blocking to IBM API Connect customers. We’re pleased to offer this integration to our customers to help secure their APIs, enabling them to confidently expose their APIs to consumers and partners without worrying about security and data exposures.”
The solution will be demonstrated at the IBM Think 2019 conference in San Francisco. You can learn more about the session here.
March 20, 2019 Update: Join Ping Identity at IBM Integration TechCon 2019 on April 30 to learn how PingIntelligence for APIs integrates with IBM’s API Connect and DataPower Gateway to provide AI-powered protection against cyberattacks on APIs.
*Blog originally posted by Alan Glickenhouse via IBM Developer on February 12, 2019.