CQ Prime
Threat Research

Attackers are continually evolving their tools, finding new ways to abuse your APIs and exploit discovered vulnerabilities. Meanwhile, your team is tasked with keeping up with the latest attack techniques while maintaining your organization’s overall security posture. That’s where the CQ Prime Threat Research team can help, providing assistance that ranges from ongoing research your team can take advantage of, to fully managed threat detection and response.

Your Threat Research Partner in API Protection

Watch our API Bites video to hear from Will Glazier, Director of CQ Prime Threat Research, on the mission of the team.
Play Button

Singularly Focused on API Threat Hunting

Distributed globally to ensure 24×7 coverage, the CQ Prime Threat Research Team is dedicated to understanding how cyber criminals are attacking your APIs to commit fraud, steal data and disrupt your business. The Team analyzes automated attacks and exploits based on the four elements a bad actor needs to execute their malicious actions – infrastructure, tools, credentials and behavior – translating those efforts into improved API protection, published research, dynamic policy updates and product enhancements.
icon - Malicious Infrastructure

Malicious Infrastructure

The largest database of malicious API infrastructure is meticulously curated to stop attackers in their tracks based on their IP address or organization.

Threat Toolkits

Known toolkits in use are dissected, analyzed and translated into pre-defined, high efficacy policies to protect your APIs.

User Credentials

Stolen credential listings are incorporated into the predefined policies to improve ATO and fake account prevention efficacy.

Behavioral Fingerprinting

Ongoing analysis of actions taken to evade detection are incorporated into existing or new ML models to maximize efficacy.

Zero Day Vulnerabilities

On-going investigative efforts into undiscovered API vulnerabilities such as LoNg4j.

ML-Model Enhancements

Research is used to continually enhance, or create new ML-based analysis techniques to help you stay ahead of attackers.

Out-of-the-box API Protection

Hundreds of predefined, customizable policies help ensure that your APIs are protected quickly and consistently.

Dynamic Updates

Findings are used to enhance policies which are then pushed dynamically to all customers to help maximize API protection.

Managed Detection & Response

An optional managed service that provides continuous threat monitoring and remediation to proactively detect and respond to advanced attacks targeting your APIs.

Join the Team

Looking to join our world-class team of threat hunting experts?
Check out the current list of openings
CQ Prime Threat Research
The ABCs of API Security: A New (Free!) Learning Center

November 16,2023

APIs have been with us since before they were called APIs. Application programming interfaces as an interface between software or...

Continue Reading
CQ Prime Threat Research
Insights from a Leading API Security Vendor: Understanding the Joint Cybersecurity Advisory on IDOR Vulnerabilities by ACSC, CISA, and NSA

July 31,2023

The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security...

Continue Reading
CQ Prime Threat Research
API Threat Research Validates Robust API Security Program with Automated API Attack Mitigation Capabilities

May 16,2023

API threat research by the Cequence CQ Prime Threat Research team during the second half of 2022 confirms that API...

Continue Reading

Stay Up-to-Date

Subscribe for more content and never miss an update!

Get an Attacker’s View
into Your Organization

Free API Security Assessment
Cequence Security
100 S Murphy Avenue
Suite 300
Sunnyvale, CA 94086

+1 650 437 6338
Contact Us
Book a Demo
FOLLOW US
Twitter LinkedIn Youtube
PRODUCTS & SERVICES
INDUSTRIES
RESOURCES
SOLUTIONS
PARTNERS
COMPANY
© 2018-2023 Cequence Security, Inc. All rights reserved.
Privacy Policy | Cookie Policy | Responsible Disclosure Policy.