Shadow APIs

Growth of APIs

The rapid growth of modern applications has led to a dramatic increase in the number of APIs developers are creating. Many of these new APIs are being developed on cloud platforms, leveraging containers as part of microservice architectures. The complexity of microservice architectures requires that developers work closely with their operations team to handle resource allocation and scalability.

Cloud platforms such as Amazon Web Services, Microsoft Azure and Google Cloud Platform have introduced serverless services allowing developers to build applications at scale with less infrastructure complexity and lower costs. Developers can now publish new applications and services within minutes without thinking about resource and infrastructure allocations. These new applications often have API services that enable unintended data loss due to outdated TLS encryption support and lack of proper authentication.

Rise of Shadow APIs

As adoption of these new cloud serverless services grows, it allows for the creation of rogue APIs called shadow APIs that operate outside of enterprise security. The ephemeral nature of serverless based applications often makes legacy API security tools irrelevant and unusable. Traditional security approaches allow these shadow APIs to go undetected. Many security organizations are now being challenged to discover, track and secure these Shadow APIs.

Discover and Secure Shadow APIs

Data Theorem’s API Discover allows security and operations teams to discover shadow APIs in public cloud environments. Our cloud-based Analyzer Engine continuously scans the serverless applications to find shadow APIs. Once a shadow API is discovered, an alert is generated notifying security teams. API Discover begins tracking the uncovered shadow APIs and then engages API Inspect for analysis.

“We greatly anticipate the new Data Theorem security services for API discovery and analysis in our DevOps environment. These new API security services are ground-breaking in the changing developer landscape.”

—Michael Machado, Chief Security Officer for RingCentral

Data Theorem’s API Inspect leverages our Analyzer Engine to continuously conduct security assessments on API authentication, encryption, source code, and logging. It ensures the operational function of users’ APIs matches their respective definitions. Security team are alerted of important and critical vulnerabilities caused by insufficient security protections. API Discover and API Inspect work together to bring visibility to shadow APIs and ensure that security standards are being met.

Learn more about API Discover and API Inspect.

Top 6 API Security Needs for Serverless Apps

Free Report

Read this report to learn about Shadow APIs and the top 6 security needs for serverless apps.