Content, Channel partners

Traceable AI Unveils API Security Reference Architecture for Zero Trust

API – Application Programming Interface. software development tool. API inscription on a tech background. 3d render..

Traceable AI is offering a reference architecture to help organizations integrate API protection into their zero trust security initiatives.

The API Security Reference Architecture for Zero Trust represents the first API security reference architecture of its kind, according to Traceable's prepared statement. The architecture is aligned with the National Institute of Standards and Technology (NIST) Zero Trust Architecture and "ensures compatibility, interoperability and adherence to industry standards," the company said.

The architecture provides organizations with a framework that they can use to implement zero trust controls tailored to their APIs, protect their digital assets and minimize their risk of data breaches.

Traceable AI's API Security Advantage

API security is a top priority for many organizations in 2023, a Traceable survey of more than 100 cybersecurity professionals shows. However, 40% of these cybersecurity professionals said their organization does not have dedicated professionals or teams for API security. Also, 23% stated they did not know if there was any form of dedicated API security in their organization.

The API Security Reference Architecture for Zero Trust provides organizations with the guidance they need to operationalize zero trust security at the API layer, Traceable said. This architecture emphasizes:

  • Use of security measures intended for APIs, including eliminating implied or persistent trust for APIs
  • Automatic user authentication and authorization to manage and mitigate risks associated with API access and usage
  • Monitoring and recording API transactions to analyze, detect and respond to threats and incidents
  • Automatic identification and classification of sensitive data sets to comply with data protection regulations
  • Integration with cybersecurity solutions to help organizations optimize their security posture

Dr. Chase Cunningham, creator of Traceable's Zero Trust eXtended framework and a company advisor, commented on the API Security Reference Architecture for Zero Trust and its potential impact:

"APIs provide a new means of applying controls across enterprise applications. However, the security practices for APIs have not yet matured, leaving a significant gap in the overall attack surface. Traceable has developed their own API Security Reference Architecture to help fill this gap by providing organizations with a methodical way to secure their APIs with zero trust principles. By combining zero trust strategic concepts with API-specific security measures, Traceable can help organizations protect their digital assets effectively."

Traceable AI Launches Zero Trust API Access (ZTAA) Solution

The API Security Reference Architecture for Zero Trust announcement comes after Traceable in April 2023 released a ZTAA solution that helps organizations "protect sensitive data, stop API abuse and align data security programs with broader innovation and business objectives," the company said.

Traceable's ZTAA solution minimizes or eliminates implied and persistent trust for an organization's APIs, the company said. As a result, an organization can use the solution to reduce its attack surface.

A Closer Look at Traceable AI

Traceable offers an intelligent and context-aware API security solution, the company indicated. This solution provides organizations with security posture management, threat protection and threat management across the software development lifecycle (SDLC).

At this time, Traceable does not currently provide a partner program for MSSPs and MSPs. Traceable may look to develop and launch a partner program in the future.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.