Imperva Cyber Community

Expand all | Collapse all

Benefits of API Security

  • 1.  Benefits of API Security

    Posted 20 days ago
    Hi All,

    Is there a benefit to implementing Imperva's positive API security method https://www.imperva.com/products/api-security/ vs just putting out APIs behind the WAF?  What are the benefits of going this extra step?

    Thanks,
    #APISecurity

    ------------------------------
    Phillip Mulloy
    Sr. Network Engineer
    Southfield MI
    ------------------------------


  • 2.  RE: Benefits of API Security

    Imperva Employee
    Posted 20 days ago

    Hi Phillip 

    API security compliments the Cloud WAF by adding a layer of protection to the API itself.

    Our API solution:

    • Leverages the SaaS infrastructure and the CDN and DDoS capabilities of Imperva Application Security suite, and uses the same management portal.
    • Allows users to see security events per API endpoint and automatically creates and enforces a positive security model layer from the customer's Open API specification document (i.e. Swagger).
    • Automatically disables Captcha cookie challenge and Javascript challenge on API traffic.
    • Integrates with API management platforms through designated APIs and open source tools, making security an integral part of API lifecycle management.

    You can read more in the Imperva API Security documentation

    I also suggest you  look at the following webinars to get an even better understanding

    Introduction to Imperva API Security: Community Webinar

    Securing API's Part 2 Mitigating Input Validation Vulnerabilities Community Webinar

     

    Doron



    ------------------------------
    Doron Tzur
    Customer Success Manager
    Tel Aviv CA
    ------------------------------