DENVER, January 22, 2019 - Ping Identity, the leader in Identity Defined Security, today announced that it has made several significant updates to PingIntelligence for APIs, its AI-powered API cybersecurity solution. These latest enhancements include an AI-based cloud trial, the ability to detect new types of attacks, support for Splunk environments, and additional integration with API gateways.
The lack of visibility into how APIs are consumed is becoming commonplace in today’s enterprise environment. In fact, a recent Ping Identity survey conducted among security and IT professionals reveals that 45% of respondents aren’t confident in their organisation’s ability to detect whether a bad actor is accessing their APIs. Fifty-one percent aren't even assured their security team knows about all of the APIs that exist in the organisation. This data illustrates that the people trusted with securing APIs don’t have enough visibility into their activity to identify abuses and attacks, which has contributed to why recent API attacks were not discovered for months.
In this latest product update of PingIntelligence for APIs, three important capabilities make protecting APIs, and the data and applications they expose, even more achievable:
1. Offers AI-Based Cloud Trial for Evaluation
PingIntelligence for APIs uses AI and machine learning methods to detect, block and report attacks, as well as deliver detailed traffic information for deep visibility into all API activity - which helps secure APIs and the digital assets they connect. To make it easier for organisations to experience this for themselves, Ping now provides a cloud-based intelligence trial.
2. Provides Stronger Security by Detecting New Types of Attacks
While traditional enterprise security solutions aren’t designed to protect against attacks targeting the unique vulnerabilities APIs present, PingIntelligence for APIs fills these security gaps by detecting, reporting and blocking anomalous behaviour and attacks on each API under its watch. These include attacks on login systems, data theft, remote application control, API-specific DoS/DDoS attacks, stolen credential attacks and more. This update now extends the ability of PingIntelligence for APIs to stop additional threats, such as data exfiltration over extended periods of time, content scraping, and slow login attacks, along with delivering improved bot detection. In addition this release supports sending threat information to Splunk environments, thereby enabling teams to consolidate attack information across their full security spectrum.
3. Broadens Security Coverage by Integrating with More API Gateways
PingIntelligence for APIs enhances the security provided by any API gateway by bringing in AI-based threat detection and blocking to their environments. Adding to its current integrations with PingAccess (https://www.pingidentity.com/en/platform/access-security.html) and Axway AMPLIFY (https://www.axway.com/en/products/amplify), the Ping solution now integrates with the Apigee Edge platform.
“Ping is helping some of the world’s largest organisations protect against an ever-diversifying landscape of cybersecurity threats, including those against API infrastructures. Many of the recent API abuses and attacks took months and years to detect, further reinforcing the need for IT leaders to build API-security focused teams,” shared Bernard Harguindeguy, CTO, Ping Identity. “As evidenced by the new advancements to our PingIntelligence for APIs solution, we’re committed to delivering even more leading-edge technology to protect our customers’ API infrastructures against these emerging threats.”
About Ping Identity
Ping Identity envisions a digital world powered by intelligent identity. We help enterprises achieve Zero Trust identity-defined security and more personalised, streamlined user experiences. The Ping Intelligent Identity Platform provides customers, employees and partners with access to cloud, mobile, SaaS and on-premises applications and APIs, while also managing identity and profile data at scale. Over half of the Fortune 100 choose us for our identity expertise, open standards leadership, and partnership with companies including Microsoft, Amazon and Google. We provide flexible options to extend hybrid IT environments and accelerate digital business initiatives with multi-factor authentication, single sign-on, access management, intelligent API security, directory and data governance capabilities. Visit www.pingidentity.com
Ping Identity Contacts
Ping Identity Corporation
Follow Us on Twitter: @PingIdentity
Join our LinkedIn Group: Ping Identity: https://www.linkedin.com/company/ping-identity
Subscribe to our YouTube Channel: PingIdentityTV: https://www.youtube.com/user/PingIdentityTV
Like Us on Facebook: PingIdentity Page: https://www.facebook.com/pingidentitypage
Increasing mandates around the security of personal data have made encryption for every business. Australian businesses are leading the world in the use of encryption to protect backups, payment-related data, and laptops – and yet they still have a long way to go before encryption is both ubiquitous and manageable.
If your last access-control update was even a few years ago, you’re probably more exposed to fraud and exploitation than you’d like to be.
It’s not hard to understand why bot management is critical to maintaining business availability and customer satisfaction – but do you know how to properly deal with bots?
Increasing use of encryption has created new challenges for enterprise security managers. Ever more-sophisticated encryption such as Perfect Forward Secrecy (PFS) protects data and may even boost your Google ranking – but it also provides a haven for malicious code that may use encryption to bypass enterprise security controls.
Why nation-state attacks are everyone’s problem