API Shield

Secure Your API Resources With Full-cycle Management Platform

API security has emerged as a key priority for protecting vital data and services. It’s also an area where many companies lack expertise. CDNetworks’ API Shield is an API security service designed to identify flaws in APIs and harden your API security posture.

Unlike one-off tools and scanners, API Shield is based on a platform of capabilities that combines management, protection, and analysis functions. Rooted in CDNetworks’ intelligent engine, API Shield runs multiple detection processes simultaneously in real time to detect vulnerabilities in your APIs and shield them from exploitation. API Shield detects variations in normal API behavior to drive your business forward while improving awareness of your API attack surface. Robust notification and response techniques shorten mean-time-to-detect an incident and mean-time-to-repair.

Features

API Inventory

Defines API resources and manages their privacy and other vital status conditions across their full lifecycle.

API Discovery

Discovers unknown API resources using advanced log analysis technology

API Consumer

Identifies the source of requests based on a unique consumer ID.

API Request Quota Management

Manages quota limits on API requests for each API consumer across various time periods to ensure consistent availability and performance.

Limiting Concurrent Requests

Limits the number of the API requests in the configured time period for the API assets to avoid impacting the performance of API servers.

API Permission & Scope Management

Customizes the scope of API inventory and customer permissions to restrict the authentication.

Limiting Request Methods

Identifies illegal request methods and blocks malicious requests accurately, to ensure the security of the APIs.

Compliance Detection

Refines and verifies the body or parameters of requests to identify and intercept the illegal request effectively.

Authentication

Verifies the credibility of API requests by detecting dynamic authentication tokens in the request; Blocks those API requests with fake identities.

Distributed Architecture

API Shield is deployed on CDNetworks’ globally distributed 2800+ points of presence (POPs) to achieve global load balancing seamless single-node failover. This unparalleled reach makes one-click deployment possible and allows malicious traffic to be removed at edge nodes, offloading this task from origin servers.

Abundant PoPs & Resources

Sensitive Info Leakage Prevention

API Shield identifies whether API responses include proprietary and confidential information, and then masks personally identifiable information in real time to limit the attack surface and make it less likely for sensitive data to be stolen.

One-stop Security Service

A strong API strategy requires tools that work in concert to promote a strong API security strategy. API Shield is built to offer integration with Application Shield (DDoS Mitigation and WAF) and Bot Shield (Bot Management) to provide a  comprehensive, one-stop cloud Web Application and API Protection (WAAP) . Visualizing your data across different security products provides unique, multi-layered detection capabilities to accurately identify malicious actors and respond.

Cloak Origin IP Address
Visual Dashboard

Visual Dashboard

API Shield allows API traffic traversing the CDNetworks platform to be analyzed and correlated in context from many perspectives — including API distribution, API request trends, request source distributions, consumer calls, and risk event trends — to deliver the most accurate results. These multi-dimensional views into the flow of transactions through your API traffic provide real-time insight and context into API active status conditions and risk potentials to see which threats are being faced by your APIs and which attackers pose the greatest risks.

How It Works

API Shield is the most effective and easiest to use product for proactively handling API-centric threats with a single solution. API Shield is deployed on CDNetworks’ globally distributed PoPs from where it detects suspicious and malicious API requests in real time, and then blocks the request or takes other proactive actions based on the observed risk and type of threat.

Using a cloud-based big data analytics platform and high-performance analysis cluster, API Shield can upload log files to big data analysis platforms, and find trends and patterns to help guide your business decisions, investigations, and security. In this way, cybersecurity is taken into account constantly as a way to stay at least as good as the attackers, if not better.

API Shield can also monitor API activities in real time while allowing users to manage their API lifecycles. These features — and more — make API Shield the perfect solution for protecting your APIs from today’s modern threat landscape.