What We Do
API is the “new TCP/IP”: enterprise applications interconnected with APIs are becoming the interface to business-critical data. While API Gateways offer some security features for Public APIs (e.g. API exposed for 3rd party developers), a vast majority of Enterprise Private APIs are still being treated as just payloads of “web traffic”. With adoption of the Cloud and new app architectures such as micro-service mesh, increasing number of Private APIs will be exposed externally as Outer APIs to support clients such as mobile apps or Line of Business web apps. Conventional tools such as WAF or proxy are lacking in providing deep activity and object level observability to API calls traversing through them, let alone the Service Mesh lateral/east-west APIs that are largely unmanaged. This is the reason why Gartner predicts in a report (ID: G00342236) that API abuses will be the major vector leading to data breaches.
ArecaBay enables InfoSec and DevOps teams to discover, monitor, and secure APIs, especially Private APIs that are Cloud-enabled. Rather than forcing Private API calls through yet another inline gateway (be it on-premises or Cloud), we enhance the existing application infrastructure by super-imposing a Network Engine layer of Micro-Sensors that enables API Observability and Security without any modification to the application code or runtime environment.
The same Network Engine is used for two products:
ArecaBay X-Ray for API Observability for DevOps
Arecabay Force-Field for API Security for InfoSec and SecOps
API Transaction and Object Level Data with
No Code change
No Run-time or Library change
No Host/OS modification
No Agent inside container
Network Deployment with
No Kernel/OS network stack dependency
No Host/VM/infra dependency or impact
No Performance/Availability impact
No Impact on shared infrastructure
Reduced Time-To-Detect(MTTD) & Time-to-Respond(MTTR)
with Zero-Impact to Uptime
+ Why is this unique
- Deploys anywhere: At the core of ArecaBay is its Network Engine consisting of an array of lightweight software micro-sensors that are easily deployed, without modification to the app or app runtime, as network taps, gateway plug-ins, container sidecars, serverless functions, or message bus consumers.
- Self Learning: Self-adaptive API learning process ensures the Network Engine continuously learns and targets highly relevant API activities and data.
- Deep Tracing: The Network Engine monitors all end-to-end API flows at the finest granularity level, providing DevOps object level insights and correlated call traces across the entire transaction, while supporting a Dynamic API Risk Tracker(DART) dashboard for SecOps to take specific, target remediation actions against session/data anomalies.
- North/South and East/West: Zero impact deployment means universal API mediations.
+ Why should you care
APIs are the "new TCP/IP". Enterprise organizations like yours have seen increasing use of APIs to provide access to applications and to business-critical data. As API usage increases, so are API security risks. Gartner predicts in a report (ID: G00342236) that API abuses will be the major vector leading to data breaches. Furthermore, in a rapidly expanding digital mesh, service-to-service (external or internal) API connections are the foundation of mission critical applications. Monitoring and performance management of end-to-end API transaction, with no impact or restriction to the application, become vitally important.
+ Why other approaches do not work
Conventional network security tools (e.g. IDS, IPS, Firewall, WAF, and Layer-3, Layer-4, Layer-7 Segmentation) are limited to front-end north-south access and target mostly URLs of APIs, not the actual payload-level data.
Server OS or runtime “self-protection” app-sec tools require changes to codes or app runtime and thus severely limiting their adoption by Dev and DevOps.
Log-based tools are not effective, even when enhanced by AI, as logs are rarely real-time and worse, don’t provide sufficient call-level data.
Traditional API performance measurement tools are not built to provide granular information at the API object level. Also, most of them are not built for cloud native technologies such as kubernetes and are opaque to mTLS (mutual TLS) encryption between services.
ArecaBay provides a “best of both world's” solution: API object-level app-sec visibility/control using an intelligent Network Engine that is as easy to adopt by DevOps as a network sniffer.
+ How do you map ArecaBay to today's landscape
- API Sniffer: Think of us as an API Sniffer tool like tcpdump or wireshark for API monitoring and observability.
- API IDS/IPS: Think of us as an IDS/IPS for APIs.
- API WAF: Think of us as the next generation of WAF with complete coverage of WAF functions at an API layer.
- API Next-gen Firewall: Think of us as the next generation firewall that can go deep into APIs and its payloads and also provide full access control features
Why API Security, and Why Now?
Gartner predicts that, by 2022, API abuses will be the most-frequent attack vector resulting in data breaches for enterprise applications.
API exploitation Data breaches are on the news almost on a daily basis, but conventional tools do not provide a zero-impact solution that addresses such security threats.
ArecaBay customers instantly identify their API security posture, making it simple to remediate and secure.
Experience a Live 15-Minute Demo
See how ArecaBay can take your application security to the next level in a live, personalized demo with a solution consultant.