ThreatX Unites DevOps and Security Like Never Before With Always-Active API Security From Development to Runtime
April 29 2024 - 9:00AM
Business Wire
Patent pending always-active API security capabilities are
powered by ThreatX's eBPF-based sensors, enabling DevSecOps to
detect and remediate vulnerabilities earlier, while protecting
APIs
ThreatX, a visionary innovator in application and API security,
today announced it has extended its Runtime API and Application
Protection (RAAP) offering to provide always-active API security
from development to runtime, spanning vulnerability detection at
Dev phase to protection at SecOps phase of the software
lifecycle.
By combining runtime detection and dynamic scanning with
protection, ThreatX’s RAAP solution empowers DevSecOps to detect
and remediate vulnerabilities earlier, while protecting vulnerable
APIs – all within one platform. Leveraging extended Berkeley Packet
Filter (eBPF) technology, RAAP enables real-time, persistent
observability into API/App architecture, traffic data exchanges,
vulnerabilities, and threats (including zero-day attacks). It
endlessly observes application/API security posture, east-west and
north-south, so that vulnerabilities and attacks cannot take place
unnoticed from development to production environments, thus
fostering collaboration between DevOps and Sec teams through a
unified platform. The latest Always-Active API Security
capabilities enable Dev to remediate vulnerabilities early and Sec
to protect what has not been remediated.
Traditional application and API security solutions fall short in
providing one essential element: real-time, continuous
observability across the entire DevOps cycle. On one hand –
monitoring technologies, such as WAF/WAAP – inspect security
posture continuously, but only at SecOps phase and without deep
insight into application/API architecture. On the other hand –
scanning technologies, such as SAST, DAST, and SCA – provide
insight into application/API architecture but do it only at Dev
phase and on an intermittent, non-continuous basis. With the latest
Always-Active API Security capabilities, ThreatX RAAP offers a
solution to those deficiencies by combining the best of monitoring
and scanning capabilities.
“The CISOs I speak to consistently emphasize the need for a
solution that combines the functionalities of WAF, RASP, and DAST
or SAST, rather than having multiple standalone AppSec tools.
Having the ability to consolidate all these functions into one
platform will decrease operational burden, reduce complexity, and
foster collaboration between DevOps and security teams,” said Gene
Fay, CEO at ThreatX. “We are excited to provide these unified
runtime and dynamic API testing capabilities by extending ThreatX’s
RAAP offering, enabling DevSecOps to remediate vulnerabilities like
never before.”
ThreatX RAAP is easily deployed as a sidecar container within a
Kubernetes (K8) environment without requiring an in-line
deployment. It may be installed as a standalone solution or coupled
with the ThreatX API & Application Protection – Edge
solution.
Learn more about ThreatX Always-Active API Security capabilities
by taking a product tour or visiting us at RSA
Conference (Booth 3103) May 6th – 9th in San Francisco, CA. Follow
ThreatX on LinkedIn for more event details.
About ThreatX
ThreatX is an innovator of API and application security - from
the edge to runtime, enabling Dev to discover and remediate and
Security to protect. Trusted by companies in every industry around
the globe, ThreatX's integrated platform detects API/application
vulnerabilities and protects against attacks 24/7. Learn more at
https://www.threatx.com.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20240425505512/en/
Sydney Gangi, ThreatX, sydney.gangi@threatx.com