So-called identity-defined security firm Ping Identity Corp. today launched new artificial intelligence capabilities to protect against attacks on application programming interfaces.

The launch follows its acquisition of cybersecurity firm Elastic Beam Inc., also announced today. Elastic Beam provides security for hybrid clouds by using AI techniques to root out and shut down threats that access corporate systems and data via vulnerable APIs.

With the acquisition, Ping Identity is now offering these same capabilities via its new PingIntelligence for APIs tool, allowing it to secure API infrastructure in both public and hybrid clouds.

PingIntelligence for APIs works by providing greater visibility into API activity, and can “autodiscover” all active APIs within IT environments to make sure none are forgotten or overlooked, the company said. In turn, this allows its customers to recognize and immediately respond to attacks on their infrastructure via API vulnerabilities, without needing to predefined rules or access policies beforehand. The platform also provides extensive data on APIs for compliance, audit and forensic reports.

Ping Identity said there’s an acute need for API protection tools, citing a report from analyst firm Gartner Inc. that shows how API abuses are expected to become the most often-exploited attack vector on enterprise web applications by 2022.

“APIs are innovation enablers, but they also have a security blindspot,” said Bernard Harguindeguy, founder of Elastic Beam and now a senior vice president of intelligence at Ping Identity. “While they’re the primary channel for business transactions, their ubiquity and connectedness to sensitive data make them a prime target for bad actors. Elastic Beam was built to address this vulnerability.”

Ping Identity said its PingIntelligence for APIs product is currently available in private preview, ahead of a general launch expected later this year.

Image: Ping Identity