Akamai Extends API Security Services After Neosec Acquisition
Following its acquisition of Neosec earlier this year, Akamai Technologies today added an ability to secure application programming interfaces (APIs) to its portfolio of cybersecurity services.
Neosec developed an API security platform based on a data lake through which behavioral analytics and machine learning algorithms are applied to surface potential threats. That solution now provides the foundation of an API security service provided by Akamai.
Rupesh Chokshi, senior vice president and general manager for application security at Akamai, said those capabilities also drive Akamai’s managed Shadow Hunt threat-hunting service that enables cybersecurity teams to better focus their remediation efforts.
Collectively, these services address API discovery, visibility and risk auditing in addition to threat detection and response capabilities, he noted.
Previously, Akamai provided a range of application and API security services integrated with its content delivery network (CDN), through which organizations deploy web applications. The API security service extends those core services to enable faster discovery of rogue and zombie APIs in web applications that cybersecurity teams were unaware of, said Chokshi.
Akamai, like other providers of CDNs, has been making a case for isolating internet-facing software—which is frequently targeted by cybercriminals—from enterprise applications running in a local data center that typically have more sensitive data.
A recent report published by Akamai Technologies suggested that in addition to launching attacks against web applications, more cybercriminals are specifically looking to compromise APIs. Overall, the attacks against web applications and APIs grew 137% in 2022, with local file inclusion (LFI) attacks—most widely used for reconnaissance purposes—growing 193% year-over-year, the report found.
The report also noted that broken object-level authorization (BOLA) attacks are the top method being used to compromise APIs. These attacks enable cybercriminals to access sensitive data without authorization by manipulating the ID of an object sent within a request to the API. In effect, cybercriminals are exploiting a flaw within the application logic.
Before too long, cybercriminals will also use artificial intelligence (AI) to create social engineering attacks that will manipulate API weaknesses to exfiltrate data, added Chokshi. The only way to combat those types of threats is to invest in AI capabilities that track API behavior, he added.
As organizations deploy more modern microservices-based cloud-native applications that each have their own unique API, the overall size of an attack surface might be made up of hundreds, potentially thousands, of APIs. That issue will need to be addressed as cybercriminals increasingly target lightly defended API endpoints to exfiltrate data that they can hold for ransom or sell to other interested parties.
It’s not clear whether cybersecurity teams or DevOps engineers will be expected to secure those APIs. The one thing that is certain is when an inevitable breach occurs, it will be the cybersecurity team that is tasked with determining what went wrong and how to prevent it from happening again.