In the modern software development landscape, application programming interfaces are widely used to provide data, content and other services. However, API security has been an often overlooked area, which is why Bernard Harguindeguy and his partners got the idea to start Elastic Beam.
Elastic Beam is officially emerging from stealth today in a bid to help organizations secure and manage API usage. Harguindeguy has had a long career building security startups, including GreenBorder Technologies, which Google acquired in 2007. His co-founder at Elastic Beam, Uday Subbarayan, was one of the technical founders of APIGEE, which Google acquired in 2016.
Elastic Beam’s core product, called API Behavioral Security (ABS), understands API transactions and can differentiate what is normal and what is potentially an attack, according to Harguindeguy. The understanding of what is and isn’t normal is done through a combination of machine learning and artificial intelligence technologies built by Elastic Beam. Securing APIs isn’t just about monitoring access, but also about providing security and detection capabilities for the core back-end systems that are providing the API gateways.
“We protect the API login system itself, which is important because hackers will attack systems to gain access,” he said. “The attacker could be an outsider, a botnet or even an insider.”
Harguindeguy noted that commonly with API usage, organizations lose visibility after a user, legitimate or otherwise, gets access. With Elastic Beam, a core feature is API usage visibility, providing tracking for a given API account on usage, deployment and other metrics.
“So we can detect attacks, post-login as well as pre-login,” he said.
An additional layer of protection that Elastic Beam provides is for distributed denial-of-service (DDoS) attacks against APIs. Harguindeguy said DDoS attacks against APIs don’t follow the same patterns as regular web attacks and can be difficult to detect. DDoS attacks against an API isn’t just about overwhelming a target with traffic, but also with other elements such as browser cookies, or overloading API memory.
“We can recognize a whole bunch of different types of DDoS attacks against APIs,” he said. “We can then help our customers sort out the good traffic from the bad.”
Going beyond just detection, Elastic Beam also provides deception with its Decoy API functionality. With the Decoy API, an organization can set traps for attacker and capture attack information for analysis and reporting.
From a deployment perspective, Elastic Beam protects both API gateways and management platforms, as well as APIs implemented directly on web application servers such as node.js, Tomcat and WebSphere.
“We’re working with several API management vendors providing a level of security on top of what they provide,” Harguindeguy said. “API gateway vendors tend to stop at access control, and we bring a new layer of security on top that they just don’t have.”
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.