As organizations continue to expand their digital footprint, new vulnerabilities are constantly emerging that can put them at risk. Among the most prominent new examples is attacks that exploit the growth of application programming interfaces (APIs), which work to connect applications and systems to facilitate the exchange of data. Along with the ease of interaction that APIs provide, however, comes potential new entry points for bad actors to gain access to organizations’ resources and data.

According to Gartner®[1], “The explosive growth of APIs is expanding the attack surface of organizations, giving malicious actors new breach and data-exfiltration opportunities.” API management and API gateways can play an important role in how you consistently create, secure and control access to your APIs. According to “The 2022 API Security Trends Report” by 451 Research and commissioned by Noname Security, this is proving to not be sufficient, and more advanced security is needed to protect APIs across their lifecycle.

Introducing Noname Advanced API Security for IBM

Against this backdrop, IBM has collaborated with Noname Security to help companies shore up their API lifecycle against malicious activity. Noname Security’s technology extends the capabilities of the IBM API Connect and IBM DataPower Gateway solutions to help cover the spectrum of API usage, including discovery, posture management and runtime protection. This new collaboration—Noname Advanced API Security for IBM—aims to further enhance the strength of solutions for monitoring and locking down APIs from evolving threats.

The partnership with Noname Security expands IBM’s API security capabilities for more comprehensive coverage of the API lifecycle

The collaboration arrives at a critical time for businesses. The use of APIs can be increasingly integral to companies’ digital transformation, facilitating better connections with their customers and enhancing the management and ownership of data. This has led to an explosion in the deployment of APIs, and a recent survey commissioned by Noname Security showed the average organization now has over 15,000 APIs in use, with a growth rate of 201% over the past year.

That’s a lot of APIs for organizations to monitor, and without proper insights into this digital connective tissue, cybercriminals can potentially gain access to sensitive data through methods like distributed denial of service (DDoS), injection attacks, authentication hijacking, and man-in-the-middle schemes.

Outsmarting threats

Noname Advanced API Security for IBM, now generally available, allows organizations to expand their API usage while keeping close tabs on potential threats. The solution is designed to do the following:

  • Automatically discover managed and unmanaged APIs.
  • Provide insights into their behavior.
  • Monitor for adherence to industry practices and policies.
  • Systematically detect potential malicious activity and use user-configurable policies to block attacks that may transpire.

The collaboration harnesses the power of artificial intelligence (AI) to help organizations quickly apply data classification and context-aware analysis to APIs in their estate. With this inventory, the technology can analyze and assess each API for misconfigurations, vulnerabilities and alignment to industry practices. It can even provide suggested remediation steps for APIs that appear susceptible to attackers.

Get started with Noname Advanced API Security for IBM

Standing strong against the never-ending evolution of cyberattacks requires bold innovation on the part of security solution providers. The IBM-Noname Security collaboration is just that—a union to help address one of the fastest-growing threats.

Learn more about Noname Advanced API Security for IBM Sign up for a live demo to see it in action

[1] Source: Gartner, API Security Maturity Model, William Dupre, Gary Olliffe, November 30, 2022. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.


More from Announcements

IBM TechXchange underscores the importance of AI skilling and partner innovation

3 min read - Generative AI and large language models are poised to impact how we all access and use information. But as organizations race to adopt these new technologies for business, it requires a global ecosystem of partners with industry expertise to identify the right enterprise use-cases for AI and the technical skills to implement the technology. During TechXchange, IBM's premier technical learning event in Las Vegas last week, IBM Partner Plus members including our Strategic Partners, resellers, software vendors, distributors and service…

Introducing Inspiring Voices, a podcast exploring the impactful journeys of great leaders

< 1 min read - Learning about other people's careers, life challenges, and successes is a true source of inspiration that can impact our own ambitions as well as life and business choices in great ways. Brought to you by the Executive Search and Integration team at IBM, the Inspiring Voices podcast will showcase great leaders, taking you inside their personal stories about life, career choices and how to make an impact. In this first episode, host David Jones, Executive Search Lead at IBM, brings…

IBM watsonx Assistant and NICE CXone combine capabilities for a new chapter in CCaaS

5 min read - In an age of instant everything, ensuring a positive customer experience has become a top priority for enterprises. When one third of customers (32%) say they will walk away from a brand they love after just one bad experience (source: PWC), organizations are now applying massive investments to this experience, particularly with their live agents and contact centers.  For many enterprises, that investment includes modernizing their call centers by moving to cloud-based Contact Center as a Service (CCaaS) platforms. CCaaS solutions…

See what’s new in SingleStoreDB with IBM 8.0

3 min read - Despite decades of progress in database systems, builders have compromised on at least one of the following: speed, reliability, or ease. They have two options: one, they could get a document database that is fast and easy, but can’t be relied on for mission-critical transactional applications. Or two, they could rely on a cloud data warehouse that is easy to set up, but only allows lagging analytics. Even then, each solution lacks something, forcing builders to deploy other databases for…