Blog

New Machine Learning Enhancements to the Cequence UAP Platform

May 6, 2024 | 3 MIN READ

by Jeff Harrell

Stylized graphic of an infinity sign

Cequence helps some of the world’s largest, most important organizations protect themselves from evolving threats, data breaches, and other business disruptions. As threats continue to evolve, so must software designed to prevent those unwanted outcomes. Cequence today announced several significant machine learning-based enhancements to its Unified API Protection platform including improved API discovery, API security testing, and a significant advancement in automated threat detection and response. These improvements also help future-proof organizations against the complexities of API security and bot management in the face of AI-driven attacks and data leakage, which we expect to see as a major factor in the future.

The new capabilities and improvements announced today are available today and fall into three main categories:

  • Automated threat detection and mitigation
  • Customized API discovery
  • Bespoke API security testing

Automated Threat Detection and Mitigation

This exciting new machine learning feature reduces the mean time to response (MTTR) to an attack by up to 90%. Mean time to response is understood to be the time from the discovery of an attack to the mitigation of the attack. Until now, API security products might detect an attack, but it was up to the security analyst to develop a rule or policy to mitigate the attack and then activate the policy. Now, Cequence offers the unique ability to identify anomalous or malicious traffic patterns and automatically generate mitigation policies for immediate action. Analysts simply review the policy and determine whether or not to implement it for mitigation. Cequence offers several mitigation options including blocking, rate-limiting, deception, and logging.

Customized API Discovery

API Spyder now automatically detects API hosts managed by API gateways including Mulesoft, Apigee, and AWS, providing detail on those APIs without requiring additional deployment or configuration. API definitions can be tailored to match the specific styles, usage, and requirements for an organization, thus increasing the accuracy of categorization and protection. Additionally, discovery algorithms can be tailored by customers, tuning them to the specific styles and formats relevant for that organization.

Bespoke API Security Testing

Cequence’s API security testing capabilities have been enhanced for greater customization specific to the user’s business. Test cases can be customized on a per-application basis with customized assertions that govern pass/fail criteria so testing can better reflect how applications are used in the reality. Traffic profilers per API group can also be customized within test cases to vary threat scenarios and improve resilience, feeding into tailor-made test plans.

Additionally, test plans can now be configured with authentication profiles for multiple user personas and privileges to enable thorough authentication validation testing.

The AI Attack Future

We know that attackers are beginning to harness AI to launch attacks that are harder to detect and quickly evolve, so we’re also investing significant time and effort into applying our existing technology to help protect customers against AI-driven attacks and tactics. If you’d like to learn more about the new capabilities in the Cequence Unified API Protection platform, please reach out and contact us or request a demo.

 

Jeff Harrell

Author

Jeff Harrell

Director of product marketing

Jeff Harrell is the director of product marketing at Cequnce and has over 20 years of experience in the cybersecurity field. He previously held roles at McAfee, PGP, Qualys, and nCircle, and co-founded the company that created the first commercial ad blocker.

Related Articles