TL;DR:
- Google Cloud updates Apigee to prevent business logic attacks.
- Business logic attacks are design and implementation flaws in apps that allow malicious behavior.
- Google introduces machine learning models in Apigee to detect potential business logic attacks.
- Models are available to Apigee Advanced API Security customers and were trained on internal Google data.
- Apigee also introduces dashboards to more accurately identify API abuses by analyzing patterns in alerts.
- The updates aim to make it easier and faster to detect API abuse incidents as API traffic grows.
Main AI News:
As the annual RSA cybersecurity conference commences, Google Cloud has unveiled updates to its API management and predictive analytics solution, Apigee, aimed at fortifying business logic protection. Business logic attacks, which stem from deficiencies in an application’s design and implementation, pose a significant threat as they can be difficult to detect and widely spread.
To tackle these exploits, Apigee has integrated advanced machine learning models that have been trained to recognize potential business logic attacks. These models, available to all Apigee Advanced API Security customers, have been fine-tuned using internal Google data and are capable of detecting even the slightest deviations in server activity patterns, a hallmark of malicious behavior.
“Our machine learning models, which have been in use by Google’s internal teams to secure our public-facing APIs, leverage years of learning and best practices,” says Shelly Hershkovitz, Product Manager at Google Cloud.
To further enhance the detection process, Apigee has also introduced dashboards that analyze the vast number of alerts generated by the models, identifying patterns and highlighting key characteristics such as the source of the attack, the number of API calls, and the duration of the attack.
“As API traffic continues to grow, so does the threat of malicious API attacks, making API security a top priority for enterprises worldwide,” Hershkovitz adds. “With these updates, we are making it easier and faster to identify API abuse incidents.”
Conlcusion:
Google Cloud’s updates to Apigee demonstrate a commitment to addressing the growing threat of business logic attacks. The integration of advanced machine learning models and improved dashboards for API abuse detection highlights the company’s efforts to stay ahead of the curve in API security.
This is a positive development for the market as it provides enterprises with a robust solution for safeguarding their APIs against malicious attacks. As API traffic continues to rise, these updates will become increasingly important for businesses looking to maintain the security and integrity of their applications.