APIs, the software that lets applications talk to each other, are becoming increasingly important in this era of cloud and mobile computing. But identity provider Ping Identity argues APIs (application programming interfaces) are also at risk of being compromised and plans to release a solution based on technology from its recent purchase of Elastic Beam, a company that’s been developing an AI-powered platform to protect APIs.
“Elastic Beam really pioneered the use of machine learning and AI for the security of APIs, which I believe are the foundation of everything we are doing in software,” Andre Durand, CEO of Ping Identity, told eWEEK. “All the crown jewels of what’s being developed is programmatically exposed through APIs. There is decent protection as far as access to APIs, but more is needed to make sure hackers are not getting in behind our identity systems.”
Before the acquisition, Elastic Beam, which has been in stealth mode the past three years, had already built a hybrid cloud software solution that used AI and behavior expertise to detect and automatically stop threats that use APIs to gain control of systems and data. Ping said it will use the new technology in a system that enables businesses to automatically recognize and respond to rapidly changing, dynamic attacks that target API vulnerabilities.
APIs Need Specialized Security
“Today we typically don’t really know who is accessing an API, whether it’s some guy in the company’s lab or someone from the outside,” Bernard Harguindeguy, founder and CEO of Elastic Beam, told eWEEK. “We built this platform to give detailed tracking and an audit trail of every API activity while also recognizing threats and blocking them.”
Analyst Garrett Bekker of 451 Research said Ping’s move is timely.
“APIs are a big concern because we are in the API economy, where everyone has multiple APIs and there are a lot of unknown interdependencies,” Bekker told eWEEK. “It’s a new attack vector that we don’t have a good handle on as an industry.”
Bekker thinks Ping will leverage the analytics and AI expertise it gained from the Elastic Beam purchase to offer a single sign-on from an identity portal that has all the apps anyone in the company is allowed to access.
“From there, all activity is monitored starting with a baseline of what’s considered normal activity, but when something looks weird, like someone in engineering accessing an application they never use, the system might generate a check on that,” said Bekker.
More Control Options for Users
Harguindeguy said the system will offer customers control as to how it handles actions that might pose a privacy or security threat.
“Also, once we recognize an attack pattern we can create a honeypot to when the attacker is online and make sure he or she is blocked from doing anything,” Harguindeguy said. “In most cases, no one knows what’s going on with their API traffic. We aim to bring visibility to this so you won’t have the situation you have today where months later a company might realize, ‘Oh! Someone accessed an account and a lot of data is missing.’”
Ping hosts the Identiverse conference (previously the Cloud Identity Summit) taking place in Boston this week, where Durand is scheduled to announce the news as part of his June 26 keynote. He said a goal of the new Ping platform is to use machine learning and AI to monitor user behavior and assess risk beyond the obvious examples of someone trying to unlawfully withdraw funds or change records.
“For example, as the CEO I have access to all kinds of financial records I never use, but if I did, who is watching what I do? We want to be able to monitor behavior and determine the risk if it’s something the system has never seen before,” said Durand. “That requires a level of intelligence and a lot of data, which we now have.”
PingIntelligence for APIs is currently in private beta and is scheduled to be generally available by the end of this summer.