real-time intelligence for API security
The acquisition of Elastic Beam was announced at the Identiverse conference in June of 2018. Now called PingIntelligence for APIs, Ping customers can leverage artificial intelligence (AI) to provide cyber attack detection and blocking, as well as deep traffic insight on their APIs.
Almost daily, new APIs with highly diverse clients are introduced onto enterprise networks. The unique—and often high-volume traffic flows—of these APIs makes identifying malicious behavior a highly complex task. This isn’t a suitable task for existing security solutions using signatures or policy creation. As APIs continue to drive digital transformation efforts in the enterprise and support innovative customer experiences, securing them has never been more important.
Make Internal and External API Security A Priority
The number of internal and externally-facing APIs has exploded over the past decade, and it’s grabbed the attention of senior management in almost every industry worldwide. API-first development approaches are now used to accelerate internal processes, streamline partner relationships and acquire customers with innovative, API-driven services.
Organizations are leveraging APIs to take advantage of a number of opportunities in digital transformation efforts. But APIs are also new entry points into your organization's most sensitive data, making it easier for hackers and botnets to steal and manipulate critical information. API gateway products provide an important set of foundational security capabilities, but they can’t detect many cyberattacks on APIs.
like a watchdog for api traffic
PingIntelligence for APIs applies AI models to continuously inspect and report on all API activity. It automatically discovers anomalous API traffic behavior across the enterprise. Bad actors are well versed in circumventing static security policies, so PingIntelligence for APIs was purpose-built to recognize and respond to attacks which fly under the radar of foundational API security measures, and target API vulnerabilities—without policies, rules or code. Examples of API attacks blocked include hackers executing credential stuffing attacks on login systems, botnets disrupting API services with layer 7 DDoS attacks, hackers using stolen cookies or tokens to access APIs and rogue insiders exfiltrating data.
The use of APIs is so prevalent today that many organizations are unaware of the true number and nature of internal and externally-facing APIs. PingIntelligence for APIs automatically discovers new APIs deployed in a customer's environment. It then provides deep visibility into all API activity and provides cyberattack blocking to protect your data and applications.
api security datasheet
automate api protection with ai
PingIntelligence for APIs dynamically discovers APIs across your enterprise environment that are inadvertently exposed, unknown or forgotten. You can generate detailed reports on activity across these APIs and look for attacks on their data and applications.
PingIntelligence for APIs detects and stops attacks that use APIs to compromise data and applications. It automatically blocks attacks whether they target APIs running on API gateways, or APIs implemented directly on app servers.
You can use decoy APIs (honeypots) to instantly detect probing hackers. Because these honeypots should never be accessed by legitimate clients, PingIntelligence for APIs immediately quarantines the hacker and prevents access to production APIs without disrupting the flow of business.
PingIntelligence for APIs monitors all API activity including every command and method used throughout a session. Reports can deliver exhaustive forensic data as well as information for compliance reporting. Dashboards allow you to leverage a graphical view of attacks, anomalies and metrics across the API environment.
With PingIntelligence for APIs, you can use AI to discover expected behavior for each API without manual intervention. No rules need to be written or managed, ever. And attack signature updates are never required.
With both inline and sideband deployment options available, your IT team can deploy PingIntelligence for APIs however is best for your architectural environment. The inline model offers a high-performance reverse proxy to protect APIs deployed on API gateways or directly on application servers. And the sideband model works with API gateways and/or PingAccess to provide the same AI-powered attack detection and comprehensive insight, without requiring network or infrastructure modifications.
get a private preview
PingIntelligence for APIs is now available for private preview. Apply today to learn more about securing your APIs, as well as the sensitive data and mission-critical systems to which they provide access.
“PingIntelligence enables Axway to strengthen our industry-leading API security with AI and machine learning to defend against login and identity attacks, API specific DoS/DDoS and cyberattacks on data, apps and systems by discerning regular from abnormal API usage. Taking quick action when abnormalities start to occur reduces the attack identification from months to minutes.”