Traceable AI is offering a reference architecture to help organizations integrate API protection into their zero trust security initiatives.
The API Security Reference Architecture for Zero Trust represents the first API security reference architecture of its kind, according to Traceable's prepared statement. The architecture is aligned with the National Institute of Standards and Technology (NIST) Zero Trust Architecture and "ensures compatibility, interoperability and adherence to industry standards," the company said.
The architecture provides organizations with a framework that they can use to implement zero trust controls tailored to their APIs, protect their digital assets and minimize their risk of data breaches.
Traceable AI's API Security Advantage
API security is a top priority for many organizations in 2023, a Traceable survey of more than 100 cybersecurity professionals shows. However, 40% of these cybersecurity professionals said their organization does not have dedicated professionals or teams for API security. Also, 23% stated they did not know if there was any form of dedicated API security in their organization.
The API Security Reference Architecture for Zero Trust provides organizations with the guidance they need to operationalize zero trust security at the API layer, Traceable said. This architecture emphasizes:
- Use of security measures intended for APIs, including eliminating implied or persistent trust for APIs
- Automatic user authentication and authorization to manage and mitigate risks associated with API access and usage
- Monitoring and recording API transactions to analyze, detect and respond to threats and incidents
- Automatic identification and classification of sensitive data sets to comply with data protection regulations
- Integration with cybersecurity solutions to help organizations optimize their security posture
Dr. Chase Cunningham, creator of Traceable's Zero Trust eXtended framework and a company advisor, commented on the API Security Reference Architecture for Zero Trust and its potential impact:
"APIs provide a new means of applying controls across enterprise applications. However, the security practices for APIs have not yet matured, leaving a significant gap in the overall attack surface. Traceable has developed their own API Security Reference Architecture to help fill this gap by providing organizations with a methodical way to secure their APIs with zero trust principles. By combining zero trust strategic concepts with API-specific security measures, Traceable can help organizations protect their digital assets effectively."
Traceable AI Launches Zero Trust API Access (ZTAA) Solution
The API Security Reference Architecture for Zero Trust announcement comes after Traceable in April 2023 released a ZTAA solution that helps organizations "protect sensitive data, stop API abuse and align data security programs with broader innovation and business objectives," the company said.
Traceable's ZTAA solution minimizes or eliminates implied and persistent trust for an organization's APIs, the company said. As a result, an organization can use the solution to reduce its attack surface.
A Closer Look at Traceable AI
Traceable offers an intelligent and context-aware API security solution, the company indicated. This solution provides organizations with security posture management, threat protection and threat management across the software development lifecycle (SDLC).
At this time, Traceable does not currently provide a partner program for MSSPs and MSPs. Traceable may look to develop and launch a partner program in the future.