SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Data Protection
#
Cloud Security
#
Cybersecurity

Upwind Security unveils feature for safeguarding APIs

Today
Author image
By Sean Mitchell, Publisher

Upwind Security has announced a new feature for automatic discovery and classification of sensitive data flows within its API Security suite.

The latest addition to the company's platform aims to assist organisations in proactively identifying and securing sensitive data transferred through APIs, thereby bolstering data protection and mitigating risk. This development comes amid a marked increase in cyberattacks targeting APIs.

Recent research conducted by CheckPoint has found that attempts to attack Web APIs have surged by 20% in 2024, impacting one in every 4.6 organisations weekly. Upwind's new feature is designed to address this growing threat, providing the means for organisations to safeguard their most sensitive information.

Upwind's solution will automatically track and classify sensitive data routes, categorising them based on PCI (Payment Card Industry), PII (Personally Identifiable Information), and PHI (Protected Health Information) standards. The feature detects sensitive data patterns at the packet level, ensuring that such information remains protected and does not leave the customer's environment.

Specifically, Upwind assigns a sensitive data tag to API requests containing such data and classifies these by type, such as PCI for credit card numbers or PII for personal identifiers. This function is powered by Upwind's eBPF-based sensor, which simplifies the identification of elevated risk areas for security teams.

The use of eBPF technology allows Upwind to eschew costly traditional methods like traffic mirroring or dependence on static API definitions, which can be outdated or incomplete. This advancement is integrated with Upwind's existing capabilities, which analyse workload behaviour to secure against API-related threats and attacks effectively.

Through dynamic cataloging and real-time mapping of APIs, along with analysis of actual traffic, Upwind's API Security solution provides substantial visibility with minimal performance impact. The automated tracking within this feature allows organisations to better understand and prioritise security risks associated with API data flows, facilitating quicker remediation and a proactive stance in sensitive data security.

Amiram Shachar, Upwind's Co-Founder and CEO, commented, "Upwind's API security for sensitive data flows was designed to empower security teams by cutting through the noise and zeroing in on the most critical risks. As API traffic continues to surge, it's crucial that organisations have the tools to not only identify vulnerabilities but also address them before they lead to breaches. Our goal is to provide a clear path to securing sensitive data in real-time, helping businesses stay ahead of an increasingly complex threat landscape."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Edinburgh tops UK demand for encrypted messaging apps
Kaseya survey finds human behaviour a top cyber threat
VIPRE earns 'Strategic Leader' status in 2024 AV report
BeyondTrust forecasts cybersecurity shifts by 2025
It’s time for API edge security
Top stories
Cybersecurity experts urge enhanced defence strategies
Socket raises USD $40m to enhance open-source security
Socket secures USD $40m series B to combat supply threats
Reltio unveils AI enhancements for customer 360 platform
Paladin appoints Nazo Moosa as UK Managing Director