API abuse is a common problem in the IT industry and Google is rolling out a machine learning-powered detection tool in response.
According to the company’s Shelly Hershkovitz, Google Cloud Product Manager, “50% of organizations surveyed have experienced an API security incident in the past 12 months and of those, 77% delayed the rollout of a new service or application.”
Hershkovitz says the company is rolling out its machine learning-powered tool to help organizations combat a type of attack that is usually difficult to detect:
“At the RSA Conference 2023 today, we’re making it faster and easier to help detect API abuse incidents with the introduction of Advanced API Security Machine Learning powered abuse-detection dashboards. Our newly introduced Machine Learning models are trained to detect business logic attacks.
“These types of attacks are notoriously hard to identify, and target APIs tied to intellectual property, business processes, or sensitive information, such as user data, listing of goods, or crediting accounts. These APIs must be accessible to provide business value, but have also become targets for attackers.”
The models used in the company’s API detection tool have been trained through years of use by Google’s engineers.
“The ML models that power API abuse detection have been trained and used by Google’s internal teams to help protect our public-facing APIs,” Hershkovitz adds. “The models rely on years of learning and best practices and are now available to all Apigee Advanced API Security customers.”
The new dashboards are available Apigee Advanced API Security. Customers can start a free Apogee trial here.