Data-driven Security: Protect APIs from Adaptive Threats

Subra Kumaraswamy, Apigee


Page 1: Data-driven Security: Protect APIs from Adaptive Threats

Data-Driven Security – Protect APIs from Adaptive Threats

Subra Kumaraswamy, Apigee

Page 2: Data-driven Security: Protect APIs from Adaptive Threats

©2015 Apigee. All Rights Reserved.

Agenda

1. Adaptive Threat Challenges

2. Why Data-Driven Security

3. Apigee’s Approach

4. Key Takeaways

Page 3: Data-driven Security: Protect APIs from Adaptive Threats

Adaptive Threats

Source: Incapsula

• DoS/Spam

• Price Scrapers

• Attack API Vulnerabilities

• Pollute Analytics

• Loyalty Program Abuse

Page 4: Data-driven Security: Protect APIs from Adaptive Threats

Current layers of security are not adaptive

WAF Security

• Rules Based

• Not Agile Friendly

• Address Web Vulns

• No Biz logic visibility

• Compliance Driven

CDN Security

• IP Centric

• Rules Based

• No API Context

• Weak Blocking

Page 5: Data-driven Security: Protect APIs from Adaptive Threats


We need a new approach…

Page 6: Data-driven Security: Protect APIs from Adaptive Threats

Apigee Sense: Protecting from adaptive threats

• A new adaptive API security product to prevent sophisticated bot attacks

• Detects threat patterns at the API layer, including bot attacks

• Enables you to take actions on bots you find

Page 7: Data-driven Security: Protect APIs from Adaptive Threats

Apigee Sense

[Diagram labels: Hacker, Bot, Legitimate Traffic, Bot Attack Stopped; Apigee Sense (Data Driven Security); Data Warehouse; CRM, ERP, etc.; SOA; Database]

• Analyze billions of events

• Machine learning algorithms

• Detect Anomalous Behavior Patterns

• Bot signatures

Adaptive Threats

• Content Scraping

• Information Theft

• Denial of Service

Page 8: Data-driven Security: Protect APIs from Adaptive Threats

Apigee Sense Advantage - Deep Behavioral Analysis

• Sophisticated rules and learning algorithms that compute a risk score. Models look at anomalous behavior patterns, activity bursts, geo patterns, device fingerprinting, etc.

• Analyze billions of API calls across customers. Include purchased external IP reputation data.

• Focus on the anomalies using baseline traffic behavior

• Enable variable enforcement based on risk score (0-100)

Page 9: Data-driven Security: Protect APIs from Adaptive Threats

Bad Bot Patterns

• Content Stealer

• Spiker/DoS

• Credential Stuffer

• Guesser

• Price Scraper

• Storm Attacker

• Spear Attacker

• Vulnerability Scanner

Page 10: Data-driven Security: Protect APIs from Adaptive Threats

Use Apigee Sense to:

• Shield your APIs from bots and adaptive threats

  – Save valuable system resources from abusive bots.

  – Reduce analytics pollution due to bot activities.

  – Protect your proprietary content (images, pricing, etc.) and intellectual property from scraping bots.

  – Gain visibility into API key breaches to take immediate action to limit damage.

• Get started today!

• No setup or additional configuration required

• Register at https://pages.apigee.com/Apigee-Sense-product-reg.html

Page 11: Data-driven Security: Protect APIs from Adaptive Threats

Thank You