Kasada, provider of the only online traffic integrity solution that accurately detects and defends against bot attacks, today announced the introduction of Kasada API, which protects an organization’s web and mobile application programming interfaces (APIs) from automated botnet attacks and targeted fraud. If left unprotected, an organization’s most sensitive API endpoints (i.e. authentication, account creation, and handling sensitive data) can be quickly exploited by attackers, giving them a direct path into the organization.
Gartner predicts that by 2022, API abuses will be the most frequent attack vector, given their criticality in cloud-native web, mobile app, and SaaS applications. Protecting APIs can be challenging, not just because of their ubiquity, but also because they are created and used by both technical and non-technical application developers within an organization, meaning security teams don’t always have full visibility into everything in use.
“Today’s users need to stay vigilant in their approach to protecting their most valuable assets, including customers, brand, and intellectual property,” said Kasada CEO Pascal Podvin. “By delivering Kasada API, we are providing our customers with a holistic line of defense that not only mitigates current attacks but also deters future ones.”
Understanding that APIs are vulnerable, attackers use emulators, simulators, and direct HTTP requests to launch attacks including credential stuffing, web scraping and application DDoS. Kasada API, delivered as a cloud-based service, has a simple deployment model and can be implemented quickly, protecting APIs with long-term efficacy from the very first request. It helps to decrease operating costs, maintains a frictionless customer experience, and most importantly, allows an organization’s developers to continue innovating rapidly using APIs.
“There are so many ways that automated attacks can inflict damage on a company’s API endpoints,” said Dick Ward, Head of Cyber Security for Sportsbet, a Flutter Entertainment company. “With Kasada, we’re able to quickly and effectively stop malicious bots targeting our login APIs used across websites and mobile apps.”
Sam Crowther, founder of Kasada shared, “As part of the ever-changing threat landscape, fraudsters shift their tactics towards the weak entry points of online businesses. It is not good enough to have only robust website security, as attackers will then quickly direct their efforts towards mobile and business apps and access sensitive data through APIs.”
Future software releases will deepen Kasada’s protection for the assortment of APIs that exist within enterprise organizations.
Coinciding with the announcement of Kasada API, Kasada published its own original whitepaper titled “Hidden Risks of APIs” that is free to download. The whitepaper outlines why APIs are frequent targets and introduces best practices for mitigating risk to protect the brand, the business, corporate intellectual property, and valuable data from attack.
Kasada provides the only online traffic integrity solution that accurately detects and defends against bot attacks across web, mobile, and API channels. With Kasada, internet control and safety is given back to human beings by foiling even the stealthiest cyber threats, from credential abuse to data scraping. The solution invisibly stops automated threats while inflicting financial damage to attackers, destroying their ROI. With the ability to onboard in minutes, Kasada ensures immediate and long-lasting protection while empowering enterprises with optimal online activity. Kasada is based in New York and Sydney, with offices in Melbourne, San Francisco, and London. For more information, please visit www.kasada.io and follow on Twitter, LinkedIn, and Facebook.