Why API Network Engine?

 
 
zeroImpact.png
 
beyondGateway.png
 
aboveLayer7.png
 
 

API Transaction and Object Level Data with

No Code change

No Run-time or Library change

No Host/OS modification

No Agent inside container

Network Deployment with

No Kernel/OS network stack dependency

No Host/VM/infra dependency or impact

No Performance/Availability impact

No Impact on shared infrastructure

 
 
 

What differentiates the technology? 

Existing technologies are limited or fail to cover the complete API spectrum. ArecaBay works with containers, cloud, legacy and the third-party applications, provides zero-impact to developers, work across encrypted traffic, correlate multi-point API transactions, and use A.I. for a self-adaptive learning and behavior analysis.

 
 
 
 
 
 

Why is this Unique?

  • Deploys anywhere: At the core of ArecaBay is its Network Engine consisting of an array of lightweight software micro-sensors that are easily deployed, without modification to the app or app runtime, as network taps, gateway plug-ins, container sidecars, serverless functions, or message bus consumers.

  • Self LearningSelf-adaptive API learning process ensures the Network Engine continuously learns and targets highly relevant API activities and data.

  • Deep Tracing: The Network Engine monitors all end-to-end API flows at the finest granularity level, providing DevOps object level insights and correlated call traces across the entire transaction, while supporting a Dynamic API Risk Tracker(DART) dashboard for SecOps to take specific, target remediation actions against session/data anomalies.

  • North/South and East/West: Zero impact deployment means universal API mediations.

Why other approaches do not work?

  • Conventional network security tools (e.g. IDS, IPS, Firewall, WAF, and Layer-3, Layer-4, Layer-7 Segmentation) are limited to front-end north-south access and target mostly URLs of APIs, not the actual payload-level data.

  • Server OS or runtime “self-protection” app-sec tools require changes to codes or app runtime and thus severely limiting their adoption by Dev and DevOps.

  • Log-based tools are not effective, even when enhanced by AI, as logs are rarely real-time and worse, don’t provide sufficient call-level data.

  • Traditional API performance measurement tools are not built to provide granular information at the API object level. Also, most of them are not built for cloud native technologies such as kubernetes and are opaque to mTLS (mutual TLS) encryption between services.

ArecaBay provides a “best of both world's” solution: API object-level app-sec visibility/control using an intelligent Network Engine that is as easy to adopt by DevOps as a network sniffer.