Radware Unveils Real-Time API Lifecycle Protection

Summary
– Radware has launched an API Security Service that provides end-to-end protection for APIs throughout their lifecycle using real-time production traffic.
– The service addresses common API security challenges like blind spots, theoretical alerts, and gaps in discovery that leave shadow and third-party APIs unprotected.
– It delivers continuous runtime visibility, posture management, and protection, including coverage against the OWASP Top 10 API Security Risks and sophisticated DDoS attacks.
– Key capabilities include automated API discovery, business logic attack detection, and a unified platform for teams to collaborate and meet regulatory requirements.
– The solution is designed to reduce noise, minimize false positives with AI-driven detection, and prevent disruption to legitimate traffic during attacks.
Radware has introduced a comprehensive new service dedicated to securing application programming interfaces (APIs) in real time. The Radware API Security Service is engineered to provide end-to-end protection across the entire API lifecycle, leveraging live production traffic to identify and mitigate threats as they occur. This approach directly tackles the OWASP Top 10 API Security Risks, offering a robust defense against complex Layer 7 DDoS attacks and other sophisticated threats that target modern digital infrastructure.
While APIs are the fundamental building blocks of contemporary applications, they frequently introduce significant security vulnerabilities. Traditional security tools often overwhelm teams with theoretical alerts that don’t reflect actual risk, leaving them unsure where to focus. Furthermore, incomplete API discovery means shadow APIs and third-party integrations remain exposed, and a lack of runtime visibility makes stopping intricate business logic attacks exceptionally difficult.
This new service from Radware aims to close these gaps by delivering continuous runtime visibility, posture management, and active protection. Security teams gain a dynamic, real-time perspective on API risk, all informed by actual traffic patterns rather than static assumptions.
“APIs are dynamic, business-critical, and increasingly targeted—but most security approaches are still static,” explained Haim Zelikovsky, Radware’s vice president of cloud security. “Our API Security Service redefines protection by continuously analyzing real traffic to pinpoint real risk, automatically block real attacks, and help organizations cut through the noise, reduce mean time to repair, and meet compliance mandates with greater assurance.”
The platform unifies several critical functions into a single solution for end-to-end runtime protection. It combines ongoing discovery, posture management, analytics, and active defense mechanisms.
Central features of the service include:
– Runtime posture management, which scrutinizes live production traffic to identify genuine risks and prioritize remediation efforts based on active threats and clear attacker intent.
– Business logic protection that automatically charts API workflows to detect and halt sophisticated business logic attacks as they unfold during runtime operations.
– Complete runtime protection ensuring full coverage against the OWASP Top 10 API Security Risks. This encompasses bot attacks, embedded threats, client-side issues, and HTTPS DDoS attacks specifically aimed at APIs.
– Automated API discovery and visibility for continuous mapping of all APIs, including previously hidden shadow APIs and third-party integrations. This provides complete visibility into inventories, schemas, usage patterns, and workflow dependencies.
– A unified platform and compliance portal that serves development, security, and DevSecOps teams. It simplifies cross-team collaboration, aids in meeting regulatory requirements, and reduces overall complexity and total cost of ownership.
Designed for CISOs, security operations centers, and DevSecOps teams, the Radware API Security Service focuses on delivering critical API visibility, runtime protection, and tangible risk reduction. Its AI-driven detection mechanisms are built to minimize false positives, while its adaptive, behavior-based protection aims to prevent disruption to legitimate API traffic, even during large-scale HTTPS DDoS incidents.
(Source: HelpNet Security)

