Application programming interface security startup Traceable Inc. today announced the release of API Security Reference Architecture for Zero Trust, a guide for addressing the urgency of integrating API security into zero-trust security initiatives.

Zero trust is an increasingly popular security model that operates on the principle of “never trust, always verify.” The model emphasizes continuous authentication and validation for every user and device, whether inside or outside the organization’s network. The framework reduces the attack surface by assuming potential threats can originate from any point within or outside the network, necessitating enhanced access controls, data security and consistent monitoring and validation processes.

Traceable AI’s new architecture is designed to work with the National Institute of Standards and Technology’s zero-trust architecture — a public, vendor-neutral framework widely adopted by multiple government entities and leading cybersecurity vendors. The alignment with the NIST architecture ensure compatibility and interoperability and also adheres to established industry standards, offering a reliable and trustworthy solution for organizations keen on implementing zero trust for their APIs, according to the company.

Zero-trust implementations and architectures are not new, but Traceable AI claims its focused approach toward enhancing API security sets its new release apart. The company argues that traditional zero-trust approaches have primarily concentrated on network-level controls and identity access management. In contrast, Traceable AI recognizes the critical nature of the application layer, particularly APIs, and presents a holistic framework to address it.

Benefits offered by Traceable’s architecture include advanced API security measures, comprehensive risk management and increased visibility and control. The architecture also provides seamless automation and orchestration, scalability, flexibility and improved compliance and data protection.

Dr. Chase Cunningham, known as “Dr. Zero Trust” online and an adviser to Traceable AI, commented that “APIs provide a new means of applying controls across enterprise applications; however, the security practices for APIs have not yet matured, leaving a significant gap in the overall attack surface. Traceable has developed their own API Security Reference Architecture to help fill this gap by providing organizations with a methodical way to secure their APIs with zero trust principles.”

Traceable AI is a venture capital-backed company that last raised $60 million on a $450 million valuation in March 2022. Investors in the company include IVP Ltd., Tiger Global Management LLC, Unusual Ventures and BIG Labs LLC.

Image: Traceable AI