With its latest security update, Google Cloud intends to reduce attacks targeting APIs.
Ahead of the weekend, Google announced a security tightening of Google Cloud APIs. Using the Advanced API Security framework, users will be able to identify potential threats, suppress bot traffic, and spot data breaches caused by misconfigurations or API attacks. Advanced API Security stems from the 2016 acquisition of Apigee by Google for $625 million. According to the company, the new system allows users to dig deeper into API traffic to detect unusual patterns that may reveal an exploit in progress.
Exploiting APIs has become one of the main attack vectors against web applications. According to a study by Gartner cited by Google, starting this year, API violations will be the main method of attack used against these applications. The system regularly checks all the APIs managed by a given system and automatically reports problems to the IT department in the event of an anomaly. Users can also set standard security policies that APIs must adhere to, and again, the system automatically flags them in the event of a breach. The system also uses predefined rules to identify bot traffic in information sent or received via the API: unusual traffic patterns generated by bots will trigger an alert and report the incident to the IT team. Even bots that receive an HTTP 200 OK response code can be identified by the system, which Google says will make it easier to identify data breaches after the fact.
Common Attacks in Healthcare and Financial Services
According to Google, the financial services and healthcare industries are particularly exposed to API-related threats. The healthcare system uses a lot of interconnected APIs to allow providers to securely share information with insurance companies and provide automated treatment recommendations, giving bad actors looking to access patient data a surface. vulnerable attack. Similarly, the financial services industry processes large amounts of high-value transactional data and open banking standards require extensive API support to function. This is why it represents an attractive target for malicious hackers. “API security has become a big concern because it exposes business,” Vikas Anand, Product Manager at Google Cloud, said in an official blog post announcing these security features. “The expanded offering of digital experiences goes hand-in-hand with growing use of APIs and increasing traffic volumes,” he added. Last week’s announcement, however, specifies that this system is only a preliminary version. Google hasn’t indicated when these features would generally be available.