The article "Top Ten Innovation Directions of China's Cyber Security Industry in 2022" co-edited by Shushuo Security and Tsinghua University Network Science and Cyberspace stated that a major feature of the cyber security industry is that there are many new concepts and new terms. Research and consulting organizations represented by Gartner have to define many new product categories and technical directions every year, and many security companies are also "creating words" from a marketing perspective. This article takes stock of the "hot words" that the industry will pay more attention to in 2022, and analyzes the core capabilities, application scenarios, and key challenges of the technologies and products behind these words.
API security protection is one of the ten innovation directions of China's network security industry. As the interconnection of network applications becomes more and more common, API interfaces are gradually integrated with Web applications, mobile Internet, Internet of Things, and SaaS services. Especially after several major data breaches occurred, API security began to receive high attention. API security is a full-link risk management and control that runs through the design, development, use, and maintenance stages of APIs. It focuses on API asset identification, protection control, threat analysis, and development security. The purpose is to reduce the risk of API-specific security vulnerabilities. coming loss.
The "API security access management system" independently developed by Tongfudun aims at the threats faced by APIs, in order to help enterprise users better cope with the current API security challenges, manage the entire life cycle of APIs, and provide enterprises with unified access to APIs , access authentication, data desensitization, security protection and other capabilities. At the same time, based on the decision-making intelligence engine, it makes targeted prevention of API asset self-discovery, security hidden danger monitoring, and risk discovery to avoid business security risks and data security risks caused by APIs.
Passpay Shield Zero Trust API Security Access Management System (ZAM) quickly and frictionlessly integrates into the existing infrastructure of the enterprise through its agentless deployment option, collects API traffic in the entire application, and displays all APIs and their exposed data, based on Extensive coverage of OWASP API risks, scanning engine for business logic vulnerabilities, vulnerability scanning of APIs and related services, risk assessment of enterprise assets, emphasizing troubleshooting and analysis at the API call level, and eliminating vulnerable API risks.