Cequence Security Enhances API Security Testing Capabilities

Cequence Security, a provider of unified API protection, announced it has enhanced the testing capabilities within its Unified API Protection Platform with the availability of API Security Testing. This framework encourages shift-left efforts by giving security and development teams the tools to uncover and remediate API vulnerabilities in pre-production environments that could lead to business disruption in production.

With API Security Testing, security and development teams can integrate continuous and automated testing of their pre-production APIs into their development and release cycle. For scenarios where no API specifications exist, security teams can leverage real-time API traffic analysis to baseline API specifications based on runtime traffic, eliminating the need to search for owners of legacy APIs or create specifications from scratch.

Key capabilities of the offering include:

  • Continuous integration (CI)/Continuous development (CD) and Collaboration Tools Integration – Integrates with CI/CD tools like Gitlab, Azure DevOps, Jenkins and Bamboo, allowing developers to run tests against their pre-production APIs to detect and report security risks.
  • Visualize Results and Remediate Test Failures – Security and development teams can visualize results and drill down into details to quickly understand the compliance issues identified in pre-production APIs. Summary reports allow results to be exported and shared with API owners and development teams for quick remediation and re-execution of tests.
  • Comprehensive OWASP API Top 10 Risk Detection – Detects security risks including the OWASP API Top 10 and business logic risks, including introduction of shadow APIs and sensitive data exposure. Administrators can define customized sensitive data exposure and custom risk categories for different groups of APIs based on the vertical. For example, retail customers can create policies configured to look explicitly for credit card numbers, while automotive customers can monitor and prevent exposure of vehicle identification numbers.

API Security Testing is part of the Cequence Unified API Protection solution and leverages an open, extensible architecture to seamlessly integrate into existing API protection infrastructure.

Learn more at www.cequence.ai.