Highlights:

  • Cequence Security’s platform offers Continuous Integration (CI)/Continuous development (CD) and collaboration tools integration with tools like Azure DevOps, Gitlab, Jenkins and Bamboo.
  • The platform also empowers security and development teams to visualize and remediate test failures quickly.

Cequence Security Inc., an application programming interface security startup, recently announced enhanced testing capabilities in its Unified API Protection Platform.

This new API Security Testing Framework motivates shift-left efforts by giving development and security teams the tools to rapidly uncover and remediate API vulnerabilities in preproduction environments. It could otherwise lead to disruption of business when they go into production.

Utilizing API Security Testing, development and security teams can integrate continuous and automated testing of their pre-production APIs into their development and release cycle. For circumstances where API specifications are absent, security teams can leverage real-time API traffic analysis to baseline API specifications based on runtime traffic. It removes the need to search for legacy APIs or to create specifications from the beginning.

Crucial capabilities of the new offering include Continuous Integration (CI)/Continuous Development (CD) and collaboration tools integration with support of tools like Azure DevOps, Gitlab, Jenkins and Bamboo. It empowers developers to run tests against their preproduction APIs to first detect and then report security issues.

In addition, the new offering empowers users to visualize and remediate test failures. It drills down into details to swiftly understand the compliance issues spotted in preproduction APIs. With the help of Summary reports, results can be exported and shared with development teams and API owners for fast remediation and re-execution of tests.

Talking particularly of security, the new offering scans comprehensive OWASP API and business logic risks like sensitive data exposures and shadow APIs. Users can define custom risk categories and personalized sensitive data exposure for various groups of APIs based on the vertical.

Chief marketing officer at Cequence Security, Varun Kohli said, “Driven by the rapid rise in API exploits caused by coding errors, security and development teams are looking at ways to improve their API testing efforts without jeopardizing their continuous development release cycles. API Security Testing complements our runtime compliance capabilities that detect security risks such as business logic abuse and OWASP API Top 10 risks in production APIs.”