Elastic Beam’s Artificial Intelligence (AI) – powered solution focuses on an oft-overlooked threat vector – API Infrastructures; it stops attacks and provides full visibility into API activity across all data and systems, including mobile, IoT, and hybrid clouds.
Redwood City, California, June 21st, 2017: Elastic Beam today announced the unveiling of its flagship solution, API Behavioral Security (ABS). ABS is the first AI-powered software platform able to detect and block cyberattacks that target APIs to compromise corporate data and systems – in public clouds, hybrid clouds, or on premise. ABS requires no predefined policies, security rules, or attack signatures, and can stop attacks that are new and constantly changing. Its comprehensive API activity reporting simplifies forensic analysis and facilitates meeting compliance requirements.
APIs bring great economic benefits but also represent a major security risk for all organizations as they make it easier for hackers to reach into their line-of-business applications, systems and databases.
“API security vulnerabilities have been publicized… Because APIs make digital business work, securing them is essential to managing this digital risk,” notes Gartner, Inc. in Top 10 Things CIOs Need to Know About APIs and the API Economy, Paolo Malinverno et al, 25 January 2017.
Elastic Beam combines advanced AI techniques with strong API behavior expertise to identify and stop cyberattacks that use APIs to gain control of systems and data. Its solution overlays on existing API infrastructures to protect API Gateways, API Management platforms, and APIs implemented directly on application servers.
“Analyzing the behavior of all types of API threats and proactively responding, while also adding to your real time awareness of what threatens your API infrastructure is the next step in the evolution and maturing of the API economy,” said Kin Lane, the API Evangelist. “This is what Elastic Beam is working to do.”
According to a Coleman Parkes Research Ltd. Survey, 88% of enterprises are using APIs in their business. In fact, deployments of APIs in Clouds, Enterprises, and IoT environments are greatly accelerating. Attackers do represent a major risk as they defeat access control and other foundational API security services. Once a hacker is in, the average time to detect a breach is over three months.
“Relying on just access control security to stop hackers from using your APIs to attack your digital assets is like using a locked door without a surveillance system and security personnel to protect your physical assets. By the time you discover the intrusion, it’s too late and you don’t know what rooms were entered or what was done,” said Bernard Harguindeguy, CEO of Elastic Beam. “Customers love our vendor agnostic cybersecurity solution which reduces operational costs by automatically blocking API-based intrusions and providing deep insight into everything done with their APIs.”
“Until Elastic Beam we had no way to stop cyberattacks on APIs without a large group of security engineers manually watching the API infrastructure,” said Chuck Reynolds, CTO of TSI, a systems integrator for commercial and government customers. “Elastic Beam system is the automated, actionable AI solution that our customers have been asking for.”
Patent-pending API Behavioral Security provides comprehensive threat protection across a range of attacks: from hackers without credentials probing for vulnerabilities to attacks on data and systems – including data theft or destruction, API-specific DDoS attacks, complete host takeover, attacks on authentication systems, etc.
Elastic Beam API Behavioral Security reporting provides extensive information on an attacker’s progression through the API services to deliver insight into actions and potential compromises, including which systems were touched and which were not. It also provides a wealth of information for compliance and audit reports – including reporting every command or method used on any API by anyone for any time period.
Elastic Beam API Behavioral Security brings cybersecurity protection to any API infrastructure:
Blocks advanced cyberattacks that use APIs to compromise data or gain control – with no predefined rules or attack signatures – unlike today’s analytical tools with no API awareness
Prevents hackers from reconnecting after termination – when attackers are identified, enforcement nodes automatically block access across all sites, even across hybrid clouds
Reports on all API activity at scale – for forensic or compliance reporting, all actions on all APIs, including every method/command used, are captured and consolidated for easy access
API deception to trap hackers – Decoy APIs function as traps for hackers and capture attack information for analysis and reporting.
Without changing existing application servers, Elastic Beam API Behavioral Security can be deployed inline or out-of-band to provide seamless integration with any API infrastructure. Supporting multiple protocol environments such as REST, WebSocket, SOAP, and MQTT traffic, ABS delivers security for current and emerging application workloads. Installations can span private and public clouds with flexible support for bare metal, virtualized, and container environments. Offered as a subscription service.
About Elastic Beam Founded in 2014, Elastic Beam is headquartered in Redwood City, CA (Silicon Valley). The company delivers AI-powered security for the API-driven economy. Elastic Beam’s flagship solution, API Behavioral Security, was built by Silicon Valley entrepreneurs with a history of success in the Cloud infrastructure, API Gateway, and security space. To learn more about how Elastic Beam can bring intelligence and security to your API environment, please visit www.elasticbeam.com.