Veracode has launched an advanced scanning tool that enables organisations to find and fix vulnerabilities in APIs (Application Programming Interfaces). The new capability leverages Veracode’s powerful Dynamic Analysis (DAST) scanning engine to provide comprehensive security insights and remediation guidance for APIs as early and efficiently as possible.
According to Gartner, ‘By 2022, API abuses will move from an infrequent to the most-frequent attack vector, resulting in data breaches for enterprise web applications.’
“The explosion of APIs means that application development is becoming more fragmented and decentralised in nature, so the attack surface is growing exponentially,” said Brian Roche, Chief Product Officer at Veracode. “As such, API scanning has become the most-requested feature by our customers as they look for a solution that saves time, frees up resources and provides peace of mind.”
Roche added: “Strong API security is fast becoming one of the top concerns for enterprises and a table stakes capability for CISOs. In a world where every relationship should start with Zero Trust, regular API scanning must be a cornerstone of any robust software security strategy.”
With the rapid acceleration of Digital Transformation for businesses as a result of COVID-19, APIs are more critical than ever to build modern applications. They allow easy data transmission from one product or service to another, making information available on many systems. At the same time, they also create a desirable attack vector for cybercriminals.