Cequence Unified API Protection defends against attacks targeting AI applications
Cequence introduced advancements to its Unified API Protection (UAP) platform, specifically tailored to support the secure use of AI applications like Generative AI and Large Language Models (LLMs). Cequence’s solutions protect applications deployed in the cloud, on-premises, and hybrid environments, and also support serverless environments, ensuring security posture.
“API security and bot management are more important than ever as AI technology grows,” said Ameya Talwalkar, CEO of Cequence. “As Generative AI and Large Language Models become more common, organizations face new types of attacks. While many cybersecurity companies use AI to protect against threats, Cequence is focusing on using AI to defend specifically against attacks targeting AI applications. This approach, called ‘Cyber for AI,’ aims to set new standards in AI security and enhance overall cybersecurity.”
APIs serve as the backbone of countless applications, necessitating security measures. Cequence’s upgraded UAP platform introduces capabilities for proactive threat detection, security testing, and autonomous threat mitigation, empowering organizations to fortify their API infrastructure.
Testing LLM Applications for OWASP LLM Top 10 Threats
- Cequence pioneers the industry’s first test suite to evaluate applications using Large Language Models (LLMs) against the OWASP LLM Top 10 threats.
- Enables organizations to proactively test LLM applications using synthetic traffic to identify vulnerabilities and ensure security prior to deployment.
- Provides specific findings and recommendations to developers for corrective actions.
Detecting and Blocking Automated AI Bot Activity
- Cequence enhances capabilities to automatically identify and block AI bot activity without user configuration.
- Automatically refreshes UAP’s global AI bot list, ensuring all customer deployments are continuously protected against the latest AI bot threats without requiring manual updates.
- Enables security teams to effectively manage and mitigate AI bot-driven threats against exposed content.
Introducing the Cequence Flow Graph
- Cequence launches a new graphing capability within the UAP platform, known as the Flow Graph.
- Unlike other tools that provide a simple “read-only” view, the Flow Graph visualizes end-to-end API flow, enabling personnel to take instant action on malicious flows.
- Enhances security team visibility by distinguishing between normal and malicious traffic volumes.
New Integrations Enhance Discovery of Third-Party APIs
- Expands integrations with F5 High Speed Logging (HSL), Citrix ADC Content Inspection, and WSO2 API Gateway for comprehensive API discovery.
Offloading API Analytics Intelligence to the Edge
- Processes API traffic on-premises, optimizing traffic flow to reduce costs and enhance efficiency while aligning with your API security needs, whether for discovery, governance or full protection.
- Reduces bandwidth usage and enhances privacy by processing sensitive data closer to the edge.
- Enables quicker, low-latency processing of API traffic for improved detection and response times.
Attack Surface Detection of API Gateways and Infrastructure
- Automatically discovers and maps all API gateways and infrastructure, including those on cloud providers like AWS and Azure, ensuring comprehensive coverage.
- Identifies and addresses hidden APIs operating in non-sanctioned environments to prevent security gaps.
- Tailors detection algorithms to reduce false positives and enhance accuracy, aligning with your specific security needs.
source: HelpNetSecurity
Free security scan for your website
Top News:
Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)
November 18, 2024CWE top 25 most dangerous software weaknesses
November 21, 2024Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor
November 21, 2024Microsoft rolls out Recall to Windows Insiders with Copilot+ PCs
November 23, 2024Download: CIS Critical Security Controls v8.1
August 8, 2024Hackers now use AppDomain Injection to drop CobaltStrike beacons
August 24, 2024