As a co-founder of Cequence, I get the pleasure of seeing firsthand how our products help our customers protect their APIs from malicious attacks that can lead to fraud and data loss. However, the challenge any small company has is getting the word out to the market at large, particularly in the crowded API Security space. So it’s with great pride that I highlight Gartner’s recognition in several recent research reports and a webinar. These mentions are great validation points for our customers, our prospects, our team, and me personally. A summary of the Gartner recognition is below.
- Our most recent point of recognition is in the Hype Cycle for Application Security assembled by Joerg Fritsch. Cequence was recognized as a vendor in both the Bot Management segment authored by Jeremy D’Hoinne, Ramon Krikken, and Akif Khan as well as the API Threat Protection segment, authored by Mark O’Neill and Jeremy D’Hoinne. The API Threat Protection vendor recognition for Cequence was also included in the Hype Cycle for APIs and Business Ecosystems authored by Mark O’Neill and John Santoro and the Invest Implications: Hype Cycle for Application Security authored by Frank Marsala.
- Prior to the Hype Cycle for Application Security recognition, we were recognized in the API Security: Protect your APIs from Attacks and Data Breaches webinar by Mark O’Neill and Dionisio Zumerle. The webinar explored the attack paths for APIs and how your team can protect against them by building secure APIs. Mark and Dionisio provide advice on how API discovery and API security testing help strengthen this initiative.
Using one of the slide images from the webinar, I see API Sentinel helping our customers implement their API-first initiatives by helping them find, track and protect their public-facing and internal APIs. We do this in three ways:
- API Sentinel identifies internal and public-facing APIs through native integration with API management infrastructure including API gateways, load balancers, CDNs, proxies, and ingress controllers. The Discovery API allows you to proactively push API metrics from other network sources to API Sentinel as an alternative to an inline deployment.
- The breadth of API Sentinel network integration options allows us to see managed, unmanaged (shadow, unsecured), and third-party APIs, giving our customers a complete inventory of their internal and public-facing APIs. Once discovered, APIs are analyzed and protected from threats.
- Finally, CQAI, our patented ML-based analytics engine detects the most sophisticated automated attacks hiding in plain sight with findings then used in policy to stop the attack or forwarded to an external source via the Export API for enforcement, analysis, and deporting.
- Lastly, we were also recognized as a Bot Vendor in the Market Guide for Online Fraud Detection authored by Akif Khan and Jonathan Care. The OFD market is defined by Gartner as solutions that detect and prevent wrongful or criminal deception within digital (browser and app) B2C channels. Gartner considers OFD to be a foundational technology deployed within these digital channels to prevent direct and indirect losses and to mitigate risk. The core capabilities within the OFD market consist of:
- Monitoring payment transactions to detect suspicious activity.
- Protecting the integrity of the login process to prevent account takeover (ATO).
- Augmenting identity proofing processes to deter new account fraud
I am happy to see our name listed as a Bot Management vendor in the Online Fraud Detection market.
We have been helping our customers fight fraud in the form of account take over, account signups, and micropayment theft in volumetric form driven by automated bots and low and slow manual efforts. On a daily basis, we are analyzing more than 2 billion transactions a day, the bulk of which are very sophisticated ATOs. By preventing successful ATO and fake account creation attacks, we are stopping the avenues of fraud in their tracks. Check out the Gartner Peer Insight reviews to see what our customers are saying.
One last takeaway from the Gartner recognition is that we are the only vendor to be featured both in the API Security and Bot Management Application Security Hype Cycle segments. This fact underscores and supports our vision and strategy that these two categories are closely related and may eventually merge. APIs need to be continuously discovered, cataloged, and protected from a variety of run-time threats that are exploiting inherent weaknesses – be it improperly configured authentication or volumetric abuse of their business logic using bots. We believe we are on the right path to continue helping our customers protect their APIs – and want to thank the team at Gartner for helping us validate our vision.
*Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.