top of page
Image by Christina @ wocintechchat.com

API Discovery

Aimed to assist the security teams to control APIs and discover potential excessive data exposure. It generates a dynamic API endpoints catalogs

API Discovery
Image by Caspar Camille Rubin

API-WAF Module

The API-WAF module protects from malicious content-based (“classical”) applicative attacks, as appears in the “OWASP top 10” – APIs and Applications security lists. Performing in real-time, it conducts full deep packet inspection (DPI), followed by an intensive AI analysis for each request (API endpoint) argument value and server reply content, which can catch advanced attack vectors generated by AI tools, making it the ultimate first line of API protection at the era of AI attacks.

API-WAF Module
Image by Christina @ wocintechchat.com

API-BOT Module

The API-BOT module protects API endpoints from bot attacks, as listed in the “Automated Threats to Web Applications” list, aka “OWASP Top 20”. It performs real-time deep packet inspection (DPI), followed by near real-time AI analysis of the API(s) traffic – content, context, and metadata, applying relevant bot activity measurements along multiple time scales, enabling to catch the slowest bots that can operate for days. ammune™ API-Bot module can detect advanced bot attack tactics generated by AI tools. These capabilities are making it the ultimate first line of API protection from bot attacks in the era of AI attacks.

Image by Christina @ wocintechchat.com

API-DDoS Module

The API-DDoS module protects from applicative DDoS attacks tailored against specific API endpoint(s). Such attacks may use camouflage techniques, such as rotating source IPs, and request content randomization while using optimization AI-based algorithms to decide on the next wave of attack tactics. ammune™ API-DDoS module performs real-time deep packet inspection (DPI), followed by AI analysis that uses specific DDoS measurements alongside general bot measurements at the endpoint level. It can catch multi-vector DDoS attacks at scales of even 100 DDoS vectors simultaneously. These capabilities are making it the ultimate first line of API protection from bot attacks at the era of AI attacks.

API-BOT Module
API-DDoS Module
Image by Christina @ wocintechchat.com

API-BL Module

The API-BL module protects APIs from Business Logic (BL) attacks, leading to forbidden data or functionality access or abused business processes and fraud. As some of these attacks are listed in the “OWASP Top 10 – API security list “ few more attack types were added by us. ammune™ performs in-session traffic analysis to identify these attack patterns in real-time, involving session as well as historical data points. It completes the first line of protection together with the API-WAF module.

API-BL Module
bottom of page