DevOps.com

  • Latest
    • Articles
    • Features
    • Most Read
    • News
    • News Releases
  • Topics
    • AI
    • Continuous Delivery
    • Continuous Testing
    • Cloud
    • Culture
    • DataOps
    • DevSecOps
    • Enterprise DevOps
    • Leadership Suite
    • DevOps Practice
    • ROELBOB
    • DevOps Toolbox
    • IT as Code
  • Videos/Podcasts
    • Techstrong.tv Podcast
    • Techstrong.tv Video Podcast
    • Techstrong.tv - Twitch
    • DevOps Unbound
  • Webinars
    • Upcoming
    • On-Demand Webinars
  • Library
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Content
  • Related Sites
    • Techstrong Group
    • Container Journal
    • Security Boulevard
    • Techstrong Research
    • DevOps Chat
    • DevOps Dozen
    • DevOps TV
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv Video Podcast
    • Techstrong.tv - Twitch
  • Media Kit
  • About
  • Sponsor
  • AI
  • Cloud
  • Continuous Delivery
  • Continuous Testing
  • DataOps
  • DevSecOps
  • DevOps Onramp
  • Platform Engineering
  • Low-Code/No-Code
  • IT as Code
  • More
    • Application Performance Management/Monitoring
    • Culture
    • Enterprise DevOps
    • ROELBOB
Hot Topics
  • Azure Migration Strategy: Tools, Costs and Best Practices
  • Blameless Integrates Incident Management Platform With Opsgenie
  • OpenAI Hires 1,000 Low Wage Coders to Retrain Copilot | Netflix Blocks Password Sharing
  • Red Hat Brings Ansible Automation to Google Cloud
  • Three Trends That Will Transform DevOps in 2023

Home » Latest News Releases » Traceable AI Addresses Newest FFIEC Compliance Guidelines Highlighting API Security for Financial Institutions

Traceable AI Addresses Newest FFIEC Compliance Guidelines Highlighting API Security for Financial Institutions

By: Veronica Haggar on January 10, 2023 Leave a Comment

Company provides required API security measures to meet 2023 cybersecurity mandates 

Recent Posts By Veronica Haggar
  • ClearML Releases New Reports Feature to Share Real-Time Results of Machine Learning Projects and Ignite ML Collaboration Across the Enterprise
  • Newgen Recognized in 2023 Gartner® Magic Quadrant™ for Enterprise Low-Code Application Platforms for Third Year in a Row
  • The Netherlands Commits $10 Million for UNCTAD’s Work on the Digital Economy and Business and Investment Facilitation
More from Veronica Haggar
Related Posts
  • Traceable AI Addresses Newest FFIEC Compliance Guidelines Highlighting API Security for Financial Institutions
  • The Uber API Authorization Vulnerability
  • Techstrong Live! Days, DC: Upskilling DevOps, Cloud-Native and Cybersecurity
    Related Categories
  • Latest News Releases
    Related Topics
  • API security
  • FFIEC Compliance Guidelines
  • Traceable AI
Show more
Show less

San Francisco, CA, January 10, 2023 — Traceable, the industry’s leading API security and observability company, today announced it is providing the necessary API security measures to enable FDIC-insured financial institutions to meet the latest Federal Financial Institutions Examination Council (FFIEC) cybersecurity compliance mandates.

TechStrong Con 2023Sponsorships Available

On October 3, 2022, the FFIEC announced a significant update to meet cybersecurity mandates for financial institutions. This update explicitly calls out APIs as a separate attack surface in regulatory guidelines that represents a significant shift in compliance trajectories, and highlights the increased threats that APIs pose. The FFIEC specifically created these new guidelines prompting financial institutions to inventory APIs as part of their overall inventory of information systems and risk assessments.  For example, banks utilize APIs with their digital banking services and information system access points, making the sharing of data easier, and the customer banking experience better.  However, as a top attack vector, APIs, when not carefully identified and secured, can be compromised in seconds – putting businesses and their customers’ sensitive data at significant risk.

“This year will be a reckoning for financial institutions.  With an average of three banking-related APIs connected to customers, now is the time to understand your APIs and act immediately to protect your data and your customers,” said Richard Bird, Chief Security Officer at Traceable. “We have been working with large financial institutions to assess their APIs, enabling them to fully understand their threat posture.  Most are shocked by the results. This initial shock is certainly the trigger for them to get a comprehensive picture of the APIs they have – current and legacy as well as internal and external.  Knowing this enables them to act immediately.”

APIs are now the primary attack vector for data breaches, and Traceable is working closely with the top financial institutions to enable them to take the first step in securing their APIs – as required by FFIEC. Traceable discovers and identifies all APIs – internal, external, third-party and partner APIs, with its data-rich catalog, for comprehensive and real-time visibility into clients’ entire API ecosystem and API sprawl.

With Traceable’s approach, financial institutions can immediately:

o    Take Continuous API Inventory: Instantly identify and catalog all APIs in your environment including internal, external, third-party and partner APIs. API types include GraphQL, SOAP, HTTP, RESTful, XML-RPC, JSON-RPC, and gRPC, and more.

o    Understand API Risk Posture: Traceable provides a security risk score to every API, which allows organizations to determine which APIs are most vulnerable to abuse by collecting data on runtime details such as sensitive data flows, API call maps, API usage behavior, user details, event details, threat activity levels, and more.

o    Identify Sensitive Data Exposure: Since APIs potentially expose highly sensitive information, and transmit that data from internal APIs to third-party applications, it is imperative to know the sensitive data flow end-to-end, to understand the level of exposure.

o    Benefit from Automatic Conformance Scanning and Analysis: An important part of API discovery and inventory of APIs, is knowing if development specs match the APIs that are implemented in production environments.

This can all be accomplished with Traceable’s flexible data collection and deployment options, including the option of deploying 100 percent on-premise in an air-gapped model, or SaaS, or hosted in your own AWS, GCP, and Azure cloud.

Financial institutions can see where they stand immediately with Traceable’s free API security risk assessment to better evaluate and understand the risks posed by APIs in their environment.  Additionally, Traceable will be hosting a webinar focused on the FFIEC mandates. To attend, please register here.

About Traceable
Traceable is the industry’s leading API security platform that identifies APIs, evaluates API risk posture, stops API attacks, and provides deep analytics for threat hunting and forensic research. With visual depictions of API paths at the core of its technology, its platform applies the power of distributed tracing and machine learning models for API security across the entire development lifecycle. Visual depictions provide insight into user and API behaviors to understand anomalies and block API attacks, enabling organizations to be more secure and resilient. Learn more at traceable.ai.

Filed Under: Latest News Releases Tagged With: API security, FFIEC Compliance Guidelines, Traceable AI

« Why GraphQL Will Reign King
Predict 2023: Stand and Deliver »

Techstrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

Automating Day 2 Operations: Best Practices and Outcomes
Tuesday, February 7, 2023 - 3:00 pm EST
Shipping Applications Faster With Kubernetes: Myth or Reality?
Wednesday, February 8, 2023 - 1:00 pm EST
Why Current Approaches To "Shift-Left" Are A DevOps Antipattern
Thursday, February 9, 2023 - 1:00 pm EST

Sponsored Content

The Google Cloud DevOps Awards: Apply Now!

January 10, 2023 | Brenna Washington

Codenotary Extends Dynamic SBOM Reach to Serverless Computing Platforms

December 9, 2022 | Mike Vizard

Why a Low-Code Platform Should Have Pro-Code Capabilities

March 24, 2021 | Andrew Manby

AWS Well-Architected Framework Elevates Agility

December 17, 2020 | JT Giri

Practical Approaches to Long-Term Cloud-Native Security

December 5, 2019 | Chris Tozzi

Latest from DevOps.com

Azure Migration Strategy: Tools, Costs and Best Practices
February 3, 2023 | Gilad David Maayan
Blameless Integrates Incident Management Platform With Opsgenie
February 3, 2023 | Mike Vizard
OpenAI Hires 1,000 Low Wage Coders to Retrain Copilot | Netflix Blocks Password Sharing
February 2, 2023 | Richi Jennings
Red Hat Brings Ansible Automation to Google Cloud
February 2, 2023 | Mike Vizard
Three Trends That Will Transform DevOps in 2023
February 2, 2023 | Dan Belcher

TSTV Podcast

On-Demand Webinars

DevOps.com Webinar ReplaysDevOps.com Webinar Replays

GET THE TOP STORIES OF THE WEEK

Most Read on DevOps.com

New Relic Bolsters Observability Platform
January 30, 2023 | Mike Vizard
Jellyfish Adds Tool to Visualize Software Development Workflows
January 31, 2023 | Mike Vizard
Let the Machines Do It: AI-Directed Mobile App Testing
January 30, 2023 | Syed Hamid
Cisco AppDynamics Survey Surfaces DevSecOps Challenges
January 31, 2023 | Mike Vizard
Five Great DevOps Job Opportunities
January 30, 2023 | Mike Vizard
  • Home
  • About DevOps.com
  • Meet our Authors
  • Write for DevOps.com
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • Privacy Policy

Powered by Techstrong Group, Inc.

© 2023 ·Techstrong Group, Inc.All rights reserved.