According to Gartner , ' Every connected mobile , modern web or cloud-hosted application uses and exposes APIs . These APIs are used to access data and to call application functionality . APIs are easy to expose but difficult to defend . This creates a large and growing attack surface , leading to a growing number of publicised API attacks and breaches . Traditional network and web protection tools do not protect against all the security threats facing APIs , including many of those described in the OWASP API Security Top 10 '.
While other API security offerings can only discover APIs already deployed in production , Checkmarx API Security addresses security issues earlier in the Software Development Lifecycle ( SDLC ). This differentiation uniquely enables :
• Comprehensive visibility of APIs : Discovers shadow and zombie APIs with the most accurate and up-to-date view into the entire API attack surface .
Checkmarx API Security addresses security issues earlier in the Software Development Lifecycle .
• True shift-left approach : Detects APIs in application source code to identify and fix problems earlier in the SDLC – faster , with less cost and lower risk .
• Prioritised remediation : Enables developers and AppSec teams to focus on solving the most critical issues first by prioritising API vulnerabilities based on their real impact and risk .
• Holistic view into application risk : Scans entire applications with a single solution , eliminating the need for additional API-specific tools to reduce the overhead on already pressured AppSec teams .
“ Modern application development is increasingly dependent on APIs , which are notoriously difficult to document ,” said Checkmarx CEO , Emmanuel Benzaquen . “ Often the only place that a given API ’ s documentation exists is on the developer ’ s laptop . Our global enterprise customers are focusing on the transition to cloud-native application development , yet their tools have only been able to address part of the API challenge that cloud-native development imposes . The Checkmarx goal is to secure every component of every application in a way that keeps developers productive and simplifies processes for AppSec leaders , thereby keeping their organisations agile , secure and competitive .” u
intelligent SOFTWARE SECURITY
www . intelligentciso . com