Edgio has announced a new feature that leverages machine learning to protect application programming interfaces (APIs), helping to discover and guard against unauthorized and potentially harmful APIs. The new service is part of Edgio’s broader application security services offered through its content delivery network (CDN).
Edgio integrates machine learning for API security
Edgio, a prominent player in application security services, has taken a significant step to strengthen its offerings by incorporating machine learning capabilities into its system. The idea is to effectively discover and protect against rogue or zombie APIs that could potentially cause security concerns. These harmful APIs can be deployed unknowingly by developers and might slip under the radar of cybersecurity teams. Now, with the help of machine learning algorithms, Edgio aims to simplify the tedious task of identifying such unauthorized APIs.
Edgio's service stands out due to its support for OpenAPI, a standardized specification language for HTTP APIs. This support enables Edgio to consistently apply encryption, API rate limiting, and other controls. The firm currently provides support for REST APIs, with plans in the pipeline to include other formats such as GraphQL, all depending on customer demand. This flexibility shows Edgio's commitment to adapting their services to meet their customer's evolving needs.
API schema validation: Edgio's innovative security model
Edgio utilizes a unique security model that's based on API schema validation. This approach ensures that only API requests that match the proper specifications are allowed access, preventing malformed or unexpected data from causing errors or being exploited by cybercriminals. This strategy not only thwarts potential SQL injection attacks, but also stops malicious API calls from overloading the application by filtering them at the source, offering an additional layer of security.
Edgio's holistic approach to web application and API protection
Rather than focusing on securing APIs in isolation, Edgio offers a more holistic approach to organizations that host their applications on its CDN. The firm offers comprehensive web application and API protection (WAAP) services that are managed on behalf of their clients. This approach ensures not only secure APIs but also more reliable web application performance, providing customers with a secure and efficient application hosting experience.
Facilitating efficient API schema changes: Edgio's platform
The Edgio platform provides a robust environment for DevSecOps teams to efficiently test and validate changes to API schemas. This capability decreases the risk of inadvertently blocking legitimate traffic and reduces the mean-time-to-resolution (MTTR) with faster testing. Changes to rules can be deployed across the entire network in less than 60 seconds, enabling swift responses to any potential attacks. This feature positions Edgio as a valuable tool in the rapidly evolving DevSecOps landscape.
As organizations increasingly deploy modern, microservices-based, cloud-native applications, each with their unique API, centralizing the management of API becomes critical. However, it requires the collaboration of development teams and cybersecurity professionals, which can be challenging due to the cultural divide that exists between these teams. It's an issue that organizations will need to address, as cybercriminals are increasingly targeting lightly defended APIs to extract data for nefarious purposes.