ArecaBay Force Field: API Security
ArecaBay Force Field® continuously discover, monitor, and secure APIs across services and clouds with zero-impact to applications. It goes beyond the gateway to provide a complete coverage of your application environment ranging from legacy applications, 3rd party applications, virtualized, containerized, and server-less applications. ArecaBay Force Field® goes above layer 7 & deep into the application payload, not just the API path or URL path but also API object level data.
ArecaBay Force Field® encompasses complete API transaction flows across every service segment. It continuously monitors enterprise risk associated with its Application APIs using Dynamic API Risk Trackers (DART) and API DLP. ArecaBay Force Field® driven by DART and API DLP enable policy actions with surgical precision against highly targeted data fields and transactions. API Force Field secures using out-of-band actions, such as invalidating sessions, stepping-up authentication and custom API actions, using the Application APIs themselves. In addition, it also provides in-line actions to drop API calls, rate-limit APIs, and quarantine data using deeper intelligence and integration with existing proxies and gateways.
DART - Dynamic API Risk Tracker
DART is a set of API level risk trackers providing the API data security posture dashboard that enables IT to continuously monitor applications.
DART anomaly detection module enables the API DLP (Data Loss Prevention) engine to take policy actions against targeted API data fields and transactions, and automatically discover and redact sensitive data everywhere.
API DLP helps you better understand and manage sensitive data and access. It provides fast, scalable classification and redaction for sensitive data elements. API DLP provides tools to classify, mask, tokenize, and transform sensitive elements in real-time to help you better manage the data that you collect, store, or use for business or analytics.
API Security Threats
“By 2022, API abuses will be the most-frequent attack vector resulting in data breaches for enterprise applications”