User Review( votes)
API Cloud- These days, the most common way for services to communicate and transfer data is by using APIs.
However, broken, exposed, or hacked APIs are the cause of some of the latest major data breaches, as they have the potential to expose sensitive data for public consumption.
Securing your APIs is important, and we take it seriously – Imperva offers a solution called API Security, which among other benefits, builds a positive security model in order to ensure that only the traffic you want accessing your API is allowed and all of your API endpoints are protected as soon as they are published. API Security is also a part of the Imperva Cloud Application Security suite.
Continuously securing every endpoint and staying up-to-date with recent deployments can introduce serious overhead. Every time an API is updated, API Security needs to be notified about the change so that it can update the model and accurately protect your endpoints.
One way to achieve this is by manually providing a Swagger file that describes the API configuration. Like many manual procedures, this one is error-prone. It also poses an orchestration bottleneck between security, DevOps, and developer teams, due to the fact that different people are often in charge of developing and securing the APIs.
Amazon Web Services and API Security
To solve this challenge, we have developed a solution that automates the retrieval of the Swagger file. Currently, it has only been implemented for Amazon Web Services (AWS), but the same principle is applicable for other cloud providers as well.
AWS offers a platform for API Management called Amazon API Gateway, which makes it easy to define, deploy, share, and operate APIs. Deploying or updating an API is made quick and simple through the use of Amazon API Gateway’s serverless developer portal, allowing hundreds of API changes to be deployed each day. As mentioned above, securing each of these deployments will involve some overhead and our goal in this feature is to eliminate that overhead by securing the deployments in a quick, automatic way.