Application Discovery – Why It’s Critical for API Spartan

February 22, 2019 | by Franklyn Jones

Application Discovery

We recently conducted research with 200+ large enterprises across the US and learned that, on average, these organizations had deployed 482 different web, mobile, or API application assets – on-premises or in the cloud. Furthermore, the research revealed that the majority of these applications had been targeted with malicious attacks by automated bots.

With malicious bots now accounting for nearly 1/3 of all Internet traffic, it is emerging as the new #1 cyber threat facing hyper-connected organizations that rely on externally facing applications to connect customers, partners, and suppliers across their digital ecosystem. These organizations are increasingly deploying intelligent bot mitigation technologies to detect and prevent such attacks.

But here’s the problem. We discovered that, in many cases, security teams responsible for application security are not always aware of every single application deployed across their organization. Too often, applications – and multiple user access points within those applications – go live without proper readiness by security

For example, hyper-connected enterprises often use the same log-in or checkout page at different points within the same application. Not all of these entry points are known to security teams, yet they are discovered and attacked quickly by bad actors. The problem is often worse in large enterprises with decentralized IT groups that are sometimes geographically and organizationally distributed.

When security teams deploy bot mitigation solutions, they obviously need complete visibility into all applications and entry points that are potential targets for bot attacks.  But given the fact that these organizations have nearly 500 applications here, there, and everywhere, it is unlikely they will have the visibility they need.

Most bot mitigation products are not helpful in that regard.  They require security teams to basically tell the tool what apps to protect. As a result, unknown applications and entry points can easily go unprotected, and that poses a serious risk to the business.

Therefore, a critical first step in effective bot mitigation is the automatic discovery of all application targets deployed across the distributed enterprise. The API Spartan solution from Cequence Security works with our patented CQAI analytics engine to provide that insight within minutes.  Just as important, security teams can then be automatically presented with granular insights into potentially malicious traffic targeting those applications. As a result, mitigation decisions are based on accurate information for each application target.

We invite you to request a demo and learn how the award-winning API Spartan and the CQAI analytics engine empower you to discover, detect, and defend against the new #1 cyber threat facing organizations.

Franklyn Jones


Franklyn Jones

Additional Resources