Symantec Counts on APIs to Extend Cybersecurity Reach - Security Boulevard

Symantec this week showed its Symantec Integrated Cyber Defense (ICD) Platform is making headway in the development space to help better secure the enterprise.

The company announced that more than 120 companies have now committed to building 250-plus products and services leveraging a common set of application programming interfaces (APIs) that are exposed via the ICD Platform.

Art Gilliland, executive vice president and general manager for enterprise products at Symantec, said the Symantec ICD platform is unique in that it does not attempt to impose a central control plane through which all cybersecurity events are managed. Instead, vendors commit to share cybersecurity alerts and events across open APIs that are published on the ICD Platform. Vendors that have committed to publishing those APIs include Amazon Web Services (AWS), Box, IBM Security, Microsoft, Oracle, ServiceNow and Splunk.

The Symantec ICD Platform has been evolving ever since the company acquired Blue Coat Systems in 2016. The subsequent integration effort led Symantec to realize the company could add substantial value by making it easier for a wide range of cybersecurity tools to share data, said Gilliland. But rather than trying to become an uber-platform that would seek to subsume all other tools, Symantec realized more vendors would cooperate in an effort to share data that did not require them to give up control over their own data management plane. Instead, it will be up to each individual customer to decide how any given set of cybersecurity products and services should be integrated, he said.

To further advance that goal this week, Symantec also announced it is adding an “Innovation Playground” program within its Technology Integration Partner Program to make it easier for startup companies to leverage the APIs published by Symantec.

In addition, Symantec announced it is adding ICD Exchange, a universal data format for sharing events, intelligence and actions across Symantec and third-party systems; and ICD Manager, which provides unified visibility into threats, policies and incidents to reduce incident response times to minutes from days.

Finally, Symantec also announced Data Loss Prevention 15.5, which is now integrated with the company’s endpoint security software to better prevent untrusted applications from accessing confidential data. That capability also leverages the APIs that Symantec has developed.

In effect, Symantec is applying many of the concepts first advanced as part of the so-called API Economy to the realm of cybersecurity. By publishing a set of well-documented APIs, Symantec not only helps reduce the cost of implementing multiple layers of security, it also increases the probability that its core security offerings will be included in whatever ecosystem a cybersecurity team eventually builds.

But the biggest benefit may come in the form of advancing DevSecOps best practices. Once cybersecurity vendors start to implement a common set of APIs, it will become much easier for developers to programmatically invoke a wide range of cybersecurity functions. It may take a while for developers to master those APIs, but at the very least the opportunity to achieve that goal is now much greater than it ever was before.

Michael Vizard


Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.
