CQ Prime
Threat Research

Attackers are continually evolving their tools, finding new ways to abuse your APIs and exploit discovered vulnerabilities. Meanwhile, your team is tasked with keeping up with the latest attack techniques while maintaining your organization’s overall security posture. That’s where the CQ Prime Threat Research team can help, providing assistance that ranges from ongoing research your team can take advantage of, to fully managed threat detection and response.

Your Threat Research Partner in API Protection

Watch our API Bites video to hear from Will Glazier, Director of CQ Prime Threat Research, on the mission of the team.
Play Button

Singularly Focused on API Threat Hunting

Distributed globally to ensure 24×7 coverage, the CQ Prime Threat Research Team is dedicated to understanding how cyber criminals are attacking your APIs to commit fraud, steal data and disrupt your business. The Team analyzes automated attacks and exploits based on the four elements a bad actor needs to execute their malicious actions – infrastructure, tools, credentials and behavior – translating those efforts into improved API protection, published research, dynamic policy updates and product enhancements.

Malicious Infrastructure

The largest database of malicious API infrastructure is meticulously curated to stop attackers in their tracks based on their IP address or organization.

Threat Toolkits

Known toolkits in use are dissected, analyzed and translated into pre-defined, high efficacy policies to protect your APIs.

User Credentials

Stolen credential listings are incorporated into the predefined policies to improve ATO and fake account prevention efficacy.

Behavioral Fingerprinting

Ongoing analysis of actions taken to evade detection are incorporated into existing or new ML models to maximize efficacy.

Zero Day Vulnerabilities

On-going investigative efforts into undiscovered API vulnerabilities such as LoNg4j.

ML-Model Enhancements

Research is used to continually enhance, or create new ML-based analysis techniques to help you stay ahead of attackers.

Out-of-the-box API Protection

Hundreds of predefined, customizable policies help ensure that your APIs are protected quickly and consistently.

Dynamic Updates

Findings are used to enhance policies which are then pushed dynamically to all customers to help maximize API protection.

Managed Detection & Response

An optional managed service that provides continuous threat monitoring and remediation to proactively detect and respond to advanced attacks targeting your APIs.

Join the Team

Looking to join our world-class team of threat hunting experts?

Stay Up-to-Date

Subscribe for more content and never miss an update!

Get an Attacker’s View
into Your Organization