UPDATED 08:00 EDT / SEPTEMBER 02 2025

SECURITY

Detectify expands AppSec platform with new API scanning capabilities

Advanced application security testing startup Detectify AB today announced the expansion of its AppSec platform with the addition of advanced application programming interface scanning capabilities that allow organizations to identify and remediate vulnerabilities across all layers of their modern applications.

The addition addresses a common problem: modern application environments that rely on APIs struggle with incomplete API inventories, poor documentation and the complexity of disparate testing solutions. Adding to the difficulty, compliance frameworks such as the Payment Card Industry Data Security Standard and Service Organization Control 2 mandate API scanning, yet organizations often lack explicit guidance, leaving security teams without clear direction.

Detectify’s new API scanning capabilities tackle these issues by giving AppSec teams unified API visibility that combines discovered API endpoints with user-uploaded data. The result is a comprehensive inventory and the context needed to prioritize scanning across the entire API attack surface.

With the new API Scanner, Detectify customers gain access to dynamic payloads that make every scan different. Instead of relying on static methods, the scanner uses artificial intelligence to randomize and rotate payloads for each run, ensuring fresh attack simulations every time.

The tool also delivers testing at scale and can perform hundreds of vulnerability checks backed by an extensive library. The reference library includes more than 330,000 payloads for command injection and a whopping 922 quintillion payloads for prompt injection tests.

Along with the ability to test at large scale, the scanner provides broad vulnerability coverage across modern application risks. The scanner detects critical weaknesses outlined in the Open Worldwide Application Security Project API Top 10 as well as common issues like SQL injection, NoSQL injection, cross-site scripting and insecure deserialization.

“API security is a fundamental component of every modern attack surface,” said Chief Executive Rickard Carlsson. “With the launch of our dynamic API scanner, we’re building on our recent intelligent scan recommendations and asset classification features to provide AppSec teams with the most unified and intelligent view of their attack surface to date.”

Detectify is a venture capital-backed startup that has raised $42.1 million over five rounds. Investors in the company include Insight Venture Partners, First Fellow Partners Oy, Inventure, Balderton Capital (UK) LLP and SquareOne App Ltd.

