fbpx

Traceable’s VP of Global Sales, Andrew Wesbecher, on Traceable’s Unique Approach to API Security

 

Recently, Traceable’s own Andrew Wesbecher discussed  the importance of API security in the new, API-driven landscape of software development. Specifically, that API security should be at the forefront of cybersecurity security practices, especially in highly regulated industries.

The full interview is on Let’s Talk.

Called upon to explain the increasing vulnerabilities that necessitate API Security, and how Traceable is solving for API Security, Wesbecher outlines basic flaws in current security practices that lead to vulnerabilities exposing your data to anything from accidental data loss to malicious attacks. 

Click the image below to watch the entire interview.

Listen to the episode to learn:

  • How the software defined perimeter is replacing the traditional security perimeter as a result of API Sprawl 
  • Why traditional security measures are insufficient to protect your data:  many API attacks are activities perpetrated by threat actors, which WAFs lack signatures for, so WAFs are treating potentially malicious web traffic as normal and leaving your data vulnerable
  • Approaches companies can and should take to secure their data, including using an API platform to prevent data exfiltration and data loss while managing risk at scale
  • How Traceable uses API visibility to solve for API security 
  • How organizations are currently restructuring to address the problem from a compliance and prevention perspective 

Many industries are affected by API security vulnerabilities, but Wesbecher also highlights the most affected: highly regulated industries. Given the number of high profile data breaches that have happened because of weak or non-existent API Security, it needs to be front and center for security practices, as a board-level priority. Recent examples include Optus, Venmo, Coinbase, and the infamous Experian breach that happened via API. 

It’s not simply an additional attack surface. APIs have become deeply integrated into our technology and services. It’s literally impossible to conduct business without them. And the industry is catching on.

According to Gartner:

  • APIs are critical to the success of organizations’ digital transformation programs. In a Gartner survey, 70% of enterprises cited APIs as important to digital transformation and API security as their top challenge.
  • By 2024, API abuses and related data breaches will nearly double.
  • By 2022, API abuses will move from an infrequent to the most-frequent attack vector, resulting in data breaches for enterprise web applications.
  • By 2021, 90% of web-enabled applications will have more surface area for attack in the form of exposed APIs rather than the UI, up from 40% in 2019.


In addition, organizations are using outdated, unreliable approaches to secure their environments, and aren’t yet including the protection of the API layer in those plans. These approaches are proving insufficient, especially given the number of recent API data breaches that have had disastrous consequences. 

To learn more, watch the full interview, and request a demo from Traceable to discover how we are solving for the industry’s most pressing API Security challenges.

—–

About Traceable

Traceable is the industry’s leading API security platform that identifies APIs, evaluates API risk posture, stops API attacks, and provides deep analytics for threat hunting and forensic research. With visual depictions of API paths at the core of its technology, its platform applies the power of distributed tracing and machine learning models for API security across the entire software development lifecycle. Book a demo today.

 

Recommended reads.