Industry Recognition for API Sentinel: KuppingerCole

The seemingly weekly announcement of new API security offerings highlights the importance of protecting your APIs from security gaps that can lead to fraud and data loss. The wide range of offerings is confusing, even for those of us in the space! Where should you begin?

Most security professionals would agree that you cannot protect what you cannot see. As noted in the recently published KuppingerCole assessment of Cequence API Sentinel, complete visibility is the first step – understanding how many APIs you have, the owners and their functionality.

“But one could also argue that for all API users, security begins at the discovery stage: without a full inventory, classification, and risk assessment of all known and unknown APIs, consistent protection is simply impossible. And this inventory cannot be a one-time process — continuous real-time monitoring is needed to reflect the ever-changing IT landscapes and new types of threats that emerge constantly.”

— Alexei Balaganski, KuppingerCole

Beyond API visibility, what should your API Security offering do? Uncovering their risk posture – are they adhering to a defined spec, leaking sensitive data, or using weak auth should be easily discovered and remediated. Here too, API Sentinel can help – as noted in the report.

“By detecting the drift from the published API specification, identifying known patterns of sensitive data in network traffic, and exposing weak or nonexistent authentication in APIs, API Sentinel calculates dynamic, real-time risk scores for each detected endpoint.”

—  Alexei Balaganski, KuppingerCole

A final consideration is deployment – what architecture works best? Is the API gateway the best source of API metrics? Possibly, but an API gateway will only supply what has been registered – leaving a strong possibility you will miss some APIs – shadow, deprecated, unmanaged APIs are common, particularly in large distributed organizations. Ideally, you should look for something that ties into your infrastructure in a manner that best addresses your requirements.

“As opposed to many competing solutions that typically focus either on edge deployment scenarios (inspecting API traffic only at the ingress point) or on distributed, microservice-oriented architectures (deployed alongside with business microservices and monitoring internal API traffic), API Sentinel, thanks to its flexible container-based architecture and breadth of technology integrations (e.g., API gateways, proxies, ingress controllers, load balancers, etc.) can mix and match both approaches.”

—  Alexei Balaganski, KuppingerCole

API Sentinel helps security teams, API centers of excellence, and data governance officers address their most pressing API problem – visibility and monitoring of their internal and external APIs. It extends that visibility into risk and conformance analysis to discover and remediate gaps that can result in data loss or fraud. Deployable in a matter of minutes, API Sentinel integrates with your API management infrastructure and CI/CD tools to provide immediate value to both security and developers alike by finding all the APIs for visibility, discovering potential security gaps, and alerting development teams for rapid remediation.

Download the KuppingerCole report on API Sentinel.

About KuppingerCole

KuppingerCole, founded in 2004, is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as for all technologies fostering Digital Transformation. We support companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges and make better decisions for the success of their business. Maintaining a balance between immediate implementation and long-term viability is at the heart of our philosophy.