WP Imperva Ships API Security Providing Continuous API Discovery and Data Classification with Two Deployment Models | Imperva

Imperva Ships API Security Providing Continuous API Discovery and Data Classification with Two Deployment Models

Imperva Ships API Security Providing Continuous API Discovery and Data Classification with Two Deployment Models

Every day, organizations are challenged to bring products to market faster and out innovate their competition. At the heart of many digital transformation initiatives are development teams looking for ways to achieve initiatives and deliver on new product goals. Many of these teams openly embrace microservices and open source to satisfy the demands of fast and inexpensive development, but find themselves needing to build more layers and connectivity than ever before. Enter the rise of Application Programming Interfaces (APIs).

APIs enable applications to communicate with one another, and have become the lingua franca of this rapid development process. A recent Postman survey indicated that about 67% of respondents consider themselves as an API-first business. This implies a high level of adoption of APIs for these businesses. And why shouldn’t they? APIs simplify access to software functionality and data. They enable developers to focus on the core capabilities of their applications while others can work on accessing it. Likewise, across the wider enterprise and across businesses, APIs lower the barrier to entry to connect applications together, system to system and app to app. Think of any mobile app, desktop app, any SaaS app or IoT device that you can access remotely, they all depend on APIs to operate effectively. So it bears no surprise that APIs, collectively, represent the biggest attack surface in the modern digital world we live in.

Imperva recognizes this emerging attack vector and to demonstrate our commitment to protecting our customers data and all paths to it, we are announcing Imperva API Security with continuous API discovery and data classification. This service offering is designed for Security and DevOps teams that require complete visibility into the APIs in use for their legacy and cloud-native application development efforts. Security teams can seamlessly integrate Imperva API Security with their Imperva Cloud Web Application Firewall (WAF) instances. DevOps and DevSecOps teams can easily deploy API Security as a standalone solution in any environment, enabling users to gain visibility into all API traffic.

Imperva leverages Cloud Vector acquisition

In May 2021 we acquired Cloud Vector, an innovator in API Protection. This offering leverages CloudVector technology to enable a comprehensive Web Application & API Protection (WAAP) offering so customers can holistically defend their web applications from complex attacks. Imperva API Security delivers a differentiated set of safeguard capabilities that align with today’s enterprise movement of implementing a DevSecOps approach with more visibility and control over APIs in developer environments all while providing a complete platform solution for environments that require it.

Key benefits of Imperva API Security

  • Continuous discovery of APIs and schema changes. With a simple activation, quickly detect all APIs (including shadow and zombie APIs) to enable the creation of a positive security model. Automatically updates API inventories to ensure the security team keeps pace with developers who frequently modify APIs in production.
  • Identify and classify data flowing through any API. Save development time by automatically identifying each API’s full schema while classifying the data that flows through it.
  • Flexible deployment model. Provides API protection for both public-facing and backend APIs in a single solution that can be deployed two ways: as an add-on to their Imperva Cloud WAF deployment or deployed within their cloud-native environment. without slowing down development teams and works across legacy, hybrid, and cloud-native environments including: Kubernetes, legacy monolithic apps, standalone microservices, web proxies, or API gateways that integrate with other existing infrastructure.
  • Enable API governance. Gain deep visibility beyond the API endpoint and into each API’s underlying payload to identify sensitive data that could be subject to regulations. This helps business leaders in highly regulated industries a means to enforce a governance model and provide a means for APIs to be included in reporting.

Great API Security starts with discovery

Security policies should span both websites and APIs and it is critical to manage security for them with a single analytics layer that gains unified visibility and contextual insights. Imperva API Security delivers advanced discovery capabilities right out-of-the-box that enable organizations to build customized policies to meet specific security requirements via a positive security model. Further, continuous discovery eliminates the burden on development teams to provide updates to APIs and enables security to audit and validate APIs that are consistent with expectations.

To learn more about this release, please join us at Imperva Amplify 2022 for more details on API Security, cloud-native security and more.

Where to go for more information

Imperva API Security launch Press Release
Imperva API Security Datasheet
Imperva API Security on the web
Amplify 2022