Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.
1
Data-Driven Security – Protect APIs from Adaptive Threats
Subra
Kumaraswamy,
Apigee
Agenda
2
1. Adaptive Threat Challenges
2. Why Data-Driven Security
3. Apigee’s Aproach
4. Key Takeaways
©2015 Apigee. All ...
Adaptive Threats
Source: Incapsula
DoS/Spam
Price Scrappers
Attack API Vulnerabilities
Pollute Analytics
Loyalty Program A...
Current layers of security are not adaptive
4
Rules Based
Not Agile Friendly
Address Web Vulns
No Biz logic visibility
Com...
We need a new approach…
5
Apigee Sense : Protecting from adaptive threats
6
• A new adaptive API security
product to prevent
sophisticated bot attac...
Apigee Sense
7
E
Data Warehouse
CRM, ERP, etc.
SOA
Database
Analyze billions of events
Apigee Sense
Data Driven Security
M...
Apigee Sense Advantage - Deep Behavioral Analysis
• Sophisticated rules and learning algorithms that compute a
risk score....
Bad Bot Patterns
9
Content
Stealer
Spiker/DoS Credential
Stuffer
Guessor
Price
Scraper Storm
Attacker
Spear
Attacker
Vulne...
• Shield your APIs from Bots and adaptive threats
 Save valuable system resources and from abusive Bots.
 Reduce Analyti...
Thank You
Nächste SlideShare
Wird geladen in …5
×

Data-driven Security: Protect APIs from Adaptive Threats

591 Aufrufe

Veröffentlicht am

Apigee's security architect discusses data-driven security and previews Apigee's new bot detection product Apigee Sense at I Love APIs 2015

Veröffentlicht in: Software
  • Als Erste(r) kommentieren

  • Gehören Sie zu den Ersten, denen das gefällt!

Data-driven Security: Protect APIs from Adaptive Threats

  1. 1. 1 Data-Driven Security – Protect APIs from Adaptive Threats Subra Kumaraswamy, Apigee
  2. 2. Agenda 2 1. Adaptive Threat Challenges 2. Why Data-Driven Security 3. Apigee’s Aproach 4. Key Takeaways ©2015 Apigee. All Rights Reserved.
  3. 3. Adaptive Threats Source: Incapsula DoS/Spam Price Scrappers Attack API Vulnerabilities Pollute Analytics Loyalty Program Abuse
  4. 4. Current layers of security are not adaptive 4 Rules Based Not Agile Friendly Address Web Vulns No Biz logic visibility Compliance Driven WAF Security IP Centric Rules Based No API Context Weak Blocking CDN Security
  5. 5. We need a new approach… 5
  6. 6. Apigee Sense : Protecting from adaptive threats 6 • A new adaptive API security product to prevent sophisticated bot attacks • Detects threat patterns at the API layer, including bot attacks • Enables you to take actions on bots you find
  7. 7. Apigee Sense 7 E Data Warehouse CRM, ERP, etc. SOA Database Analyze billions of events Apigee Sense Data Driven Security Machine learning algorithms Detect Anomalous Behavior Patters Hac ker Bot Bot Hac ker Bot Attack Stopped Legitimate Traffic Adaptive Threats • Content Scraping • Information Theft • Denial of Service Bot signatures
  8. 8. Apigee Sense Advantage - Deep Behavioral Analysis • Sophisticated rules and learning algorithms that compute a risk score. Models look at anomalous behavior patterns, activity bursts, geo patterns, device fingerprinting, etc. • Analyze billions of API calls across customers. Include purchased external IP reputation data. • Focus on the anomalies using baseline traffic behavior • Enable variable enforcement based on risk score (0-100) 8
  9. 9. Bad Bot Patterns 9 Content Stealer Spiker/DoS Credential Stuffer Guessor Price Scraper Storm Attacker Spear Attacker Vulnerability Scanner
  10. 10. • Shield your APIs from Bots and adaptive threats  Save valuable system resources and from abusive Bots.  Reduce Analytics pollution due to Bot activities.  Protect your proprietary content (images, pricing, etc) and intellectual property from scrapping Bots.  Gain visibility to API Key breaches to take immediate action to limit damage. • Get started today! • No setup or additional configuration required • Register at https://pages.apigee.com/Apigee-Sense-product-reg.html Use Apigee Sense to: 10
  11. 11. Thank You

×