API Discover

API Discover is a continuous automated discovery service that finds new APIs, any changes to known APIs, and other cloud services related to these APIs within customers’ public cloud infrastructure environments such as Amazon Web Services (AWS). These APIs are discovered on a continuous basis by the Data Theorem Analyzer Engine.

The API Discover service provides an analytic dashboard to track your all of your modern APIs. Whenever an unexpected “Shadow API” is discovered, the dashboard will highlight these new APIs, generate alerts, and feed them into the API Inspect service for deeper security assessments.

The API Discover service:
  • Enumerates all of the API domains, functions, and associated methods
  • Auto-generates a Swagger or Open API 3.0 specification if no API specification exists
  • Finds the various backend services that these modern APIs utilize and require as part of their application framework
  • Provides an analytics dashboard for tracking both Shadow APIs and known APIs
  • Alerts based on policies for API changes and Shadow API discovery
Benefits

Customers can benefit from discovering shadow APIs that reside in their public cloud environments. Shadow APIs are defined as APIs that the security and/or IT teams are not aware exist but which have been created on the organization’s behalf. Customers also benefit from discovering APIs that leverage serverless application frameworks like Amazon Lambda, Google Cloud Functions, and Microsoft Azure Functions.

These new function-as-a-service (FaaS) capabilities in the public cloud make it much easier for developers to build modern applications quickly. However, serverless apps are extremely challenging for security teams who attempt to use legacy technologies like API Gateways and Web Application Firewalls to manage and secure these modern APIs.

Ready for a closer look?

 

Securing the Mobile and API Connected Work Space

Data Theorem helped Evernote identify and close 105 security issues and remove 17 harmful third-party libraries, all before releasing them to the public app stores.