ThreatX is the only API Attack Protection platform that delivers on the promise of stopping API attacks in real-time. Through the ThreatX platform, customers can:

• Identify and correlate activity to identify threats to APIs more precisely without triggering false positives
  
• Respond to multi-step attack patterns over time, adjusting to the motions of an adversary
  
• Block suspicious entities and IPs when behaviors surpass an acceptable risk threshold
  
• Dramatically reduce false positives to enable security without risking user experience
  

Detect and Block Attacks: ThreatX scans all inbound API traffic in real time, identifying and blocking attacks. This real-time monitoring enables ThreatX to execute advanced threat engagement techniques, such as IP fingerprinting, interrogation, and tar-pitting. These capabilities allow ThreatX to identify and stop the most complex attacks, including large-scale bots and DDoS-level threats.

Discover and Defend APIs: Because ThreatX examines all live traffic, the platform can identify APIs you may be unaware of, such as zombie and rogue APIs. For security professionals without a clear handle on their organization’s API attack surface, these capabilities fill a critical gap in the security program.

Visualize API Attack Surface: In addition, the API discovery capabilities of ThreatX allow customers to visualize the entirety of the API attack surface. ThreatX’s API attack dashboard provides a central view of how and where APIs may be deployed – beyond those known to the organization.

Enable Advanced Attack Forensics: Through advanced risk analysis, ThreatX can identify key attributes of an attack, such as attack patterns over time (e.g., low and slow); use of advanced evasion techniques; and details of the attack target. This insight enables security to understand the goals and nature of a threat to drive a more comprehensive security strategy.

Enforce API Schema Compliance: ThreatX supports customers’ efforts to address API schema compliance, ensuring API functionality is aligned with the organization’s stated goals and objectives. With our OpenAPI schema support functionality, you can compare what your build system thinks is out there with what’s truly in the wild, allowing organizations to quickly pinpoint undefined or unspecified functionality.

How We Deliver: Attacker-Centric Behavioral Analytics

APIs are the holy grail for attackers. These adversaries see great value in these assets and exert significant time and creativity to bypass rules-based detection, including both attack types (e.g., DDoS, bots) and evasion techniques. ThreatX goes far beyond the basic rules by inspecting the specific adversary behaviors over time. Leveraging an ML- and AI-powered context engine, ThreatX analyzes key attributes (e.g., IP reputation, TOR exit node status, geo IP, user agent, TLS fingerprint) to identify entities and codify risk. In addition, ThreatX analyzes behaviors from multiple vantage points – rather than requiring a single, significantly risky event or identifying a known signature – to block a suspicious entity. As risk rises, ThreatX immediately blocks an attack – stopping the threat in its tracks. ThreatX's blocking modes are designed to block malicious requests and deter suspicious entities from attacking your APIs, while allowing benign traffic and real users through.

Key Features