Neosec Introduces Industry First Expert Managed Threat Hunting Service for Detecting and Investigating API Abuse and Vulnerabilities
Neosec threat hunters from the "ShadowHunt" team jumpstart the API Security process quickly and help build the knowledge in today's overstretched security teams.
PALO ALTO, Calif., June 2, 2022 - Neosec, the pioneer in discovering and identifying API threats using behavioral analytics, today announced the availability of ShadowHunt, an expert-staffed managed threat hunting service to augment its platform with human oversight from active threat hunters to identify the most clandestine and obfuscated API abuse. Borrowing from threat hunting capabilities in EDR and XDR, Neosec brings similar techniques to API security. ShadowHunt gives security teams peace of mind that API security experts are examining abnormal behavior on their API estate.
Combining the ShadowHunt service with the Neosec cloud-based platform enables organizations to manage the increasing risk to core business systems, assets and data from manipulation, theft or misuse. The service is ideal for companies where security teams are short-staffed or lack the expertise needed to identify threats in business API traffic, because APIs are increasingly used to connect important business systems to customers, suppliers, and partners.
"The increasing potential for insiders or attackers to utilize business APIs for criminal or malicious gain requires a new level of scrutiny and sophistication," said Giora Engel, co-founder and chief executive officer, Neosec. "The new ShadowHunt service augments our platform with an expert team to monitor API usage and hunt for fraud, abuse or critical vulnerabilities without any drain on an organization's existing security team."
Rather than focusing only on vulnerabilities within APIs, the Neosec platform addresses the problem by first automatically and continually identifying all APIs a company has in use, evaluating their risk posture and monitoring user behavioral anomalies that could involve data theft or other misuse. Most companies lack a complete API inventory, let alone understand the nature of normal API usage. Few have the ability to monitor their APIs to mitigate loss or detect abuse of business processes, financial assets and data within their APIs. Now, the ShadowHunt service can augment use of the Neosec platform with a team of experts to respond to findings quickly, investigate potential threats and recommend immediate remediation and actions.
Besides the incidents and alerts provided by the dedicated expert team of threat hunters, the ShadowHunt service also includes a monthly report to summarize findings and investigations performed by the team, news of emerging API threats discovered by Neosec across many different companies and notable changes in the use and operation of APIs currently employed by a company. The service also includes full "Ask the Experts" access to the team of threat hunters.
The ShadowHunt service and the Neosec platform together provide an effective way to quickly incorporate full monitoring and investigation of anomalous business API usage without impacting existing security operations and team workload. The combination can add protection against vulnerability exploits and API business abuse quickly and transparently.
For more information:
Read more: ShadowHunt Managed Threat Hunting Datasheet: ShadowHunt Managed Threat Hunting
About Neosec Neosec is re-inventing application security with a powerful platform that unifies security and development teams to protect modern applications from threats. The foundation of the SaaS platform is built on data and analytics to manage security at scale. Neosec prevents threats from abusing the complex network of APIs that connect today's businesses. The platform helps organizations discover every API and audit risk. Neosec has pioneered the use of behavioral analytics to understand normal versus abnormal API usage and delivers powerful threat hunting capabilities together with a team of expert threat hunters. Neosec prevents threats and stops abuse hiding within APIs and brings new intelligence to application security. Neosec is based in Palo Alto, California with R&D in Tel Aviv, Israel. To learn more, visit Neosec.com.