Make sure it's turned on so that pingidentity.com can work properly.
NOV Inc. | Ping Identity Customer Success Story
API security solution uses artificial intelligence to detect and block attacks.
Company protects 140 APIs in complex, hybrid architecture.
Single pane of glass provides quick and easy visibility into all API traffic.
Integration with Axway Amplify API Management Platform protects against modern and evolving security threats.
NOV Inc. Intelligently Boosts API Security
NOV Inc. delivers technology-driven solutions to empower the global energy industry. One of the largest providers of equipment and services to the upstream oil and gas industry, the Houston-based multinational corporation has been pioneering innovations for more than 160 years, enabling its customers to safely produce abundant energy while minimizing environmental impact.
As part of their digital transformation, NOV Inc. sought to establish an additional, strong security layer to properly authenticate, authorize and monitor access to approximately 140 APIs supporting customer, partner, and internal applications, as well as equipment control across the organization. Along with access control, they wanted visibility into all activity per user, the ability to track APIs and traffic globally for audits and governance, and to quickly and easily identify API abnormalities, misbehaviors and breaches.
Allowing rapid delivery and secure access to data to your apps through APIs presents significant security challenges. As a large corporation that has grown through acquisitions and evolved its infrastructure over the years, NOV Inc. has a huge legacy debt in the guise of a large ERP footprint, different ERP instances, data spread across multiple data lakes and data houses, and systems, applications and APIs in different data centers throughout the globe. The organization was using static threat checks to protect APIs, but the technique was neither completely secure nor easy to use and needed to be augmented with a self-learning system that can understand threats based on behavior. NOV Inc. also lacked comprehensive tracking for audit and forensic reports.
NOV Inc. was challenged to find a solution that seamlessly and securely supports their API needs with regards to both their legacy infrastructure and their newer infrastructures in the cloud, enabling them to centrally manage the lifecycle of an API so that the APIs can integrate into various digital delivery channels offered to customers and partners. In addition, NOV Inc. needed to be able to deploy and implement the solution with minimal effort on the part of its developers and digital integrators.
NOV Inc. chose the powerful combination of PingIntelligence and Axway for APIs, an API security and governance solution that provides a unified view of API activity across the entire enterprise for centralized monitoring and reporting. In addition, PingIntelligence for APIs uses artificial intelligence to learn traffic behaviors to automatically detect and block threats to enhance an organization’s security posture. The “single pane of glass” allows NOV Inc. to centralize AI analytics for API activity across all data centers and clouds, enabling them to differentiate between good and bad traffic, catch bad API implementations, determine whether partners are abiding by agreements, and detect and block suspicious behaviors.
The corporation deployed PingIntellience for APIs in sideband integration with the Axway Amplify API Management Platform. The Axway solution offers a layer of API security through access control, rate limiting, and network privacy, while the Ping solution extends Axway’s API Gateway with an additional layer of AI-powered traffic tracking and security. The solution was deployed in an active/active high availability (HA) configuration across three data centers (two private data centers and one Equinix Data Center) and across two clouds, Azure and AWS.
“Organizations should not take for granted that traditional API-protecting mechanisms will suffice for today's needs,” said Manoj Kona, Director of Corporate Middleware at NOV Inc. “In the past, we used security mechanisms like rate limiting and throttling to secure APIs. But those traditional mechanisms don't suffice. Without the self-learning AI platform to detect the behavior of your callers, you will not be implementing a full-fledged mature API security infrastructure.”
Ping is unique in its ML-based software and capabilities and the supporting infrastructure, helping us cover the whole breadth of our API security needs.
Director of Corporate Middleware
As a result of implementing PingIntelligence for APIs, NOV Inc. has deep insights into their API calls, can catch API issues before they become costly, and can better protect against a new generation of security threats. The integration with Splunk has provided a wealth of information for the NOV Inc. security team to perform their own analyses, and PingIntelligence’s out-of-the-box dashboards allow the NOV Inc. team to quickly and easily examine, identify and remedy abnormal activities, including automatically blocking attempts to breach their APIs. NOV Inc. has drastically shortened the length of time it takes to publish APIs—often going from weeks to mere hours—and developers on both apps and API are more productive with the Axway and Ping solution in place.
Learn more about how NOV Inc. is using PingIntelligence for APIs to properly secure their infrastructure to enable digital transformation and the use of APIs.
More About NOV
NOV Inc. (NYSE: NOV) delivers technology-driven solutions to empower the global energy industry. For more than 160 years, NOV Inc. has pioneered innovations that enable its customers to safely produce abundant energy while minimizing environmental impact. The energy industry depends on NOV Inc.'s deep expertise and technology to continually improve oilfield operations and assist in efforts to advance the energy transition towards a more sustainable future. NOV Inc. powers the industry that powers the world.
The Amplify API Management Platform helps control the growing complexities of API sprawl and distributed integration across environments, vendors, and teams while leveraging modern patterns around microservices and event-driven architectures. It's the only out-of-the-box solution that lets you manage all your APIs and integrations across all vendors-on-premises or in any cloud automatically from a central place.