#India #API Security #Salt Security #Noida #HCLSoftware

HCLSoftware Introduces HCL AppScan API Security

In a significant advancement for cybersecurity, HCLSoftware, a prominent player in enterprise software solutions, has launched its latest offering, HCL AppScan API Security. This new product, developed in collaboration with Salt Security, is designed to support organizations in managing their API assets effectively while minimizing potential security risks.

As the digital landscape evolves, the reliance on Application Programming Interfaces (APIs) has surged, with APIs now accounting for more than 50% of all web traffic. This substantial increase underscores the critical role APIs play in facilitating communication between applications. However, this growing dependency also highlights new security challenges, as APIs have become a popular target for cybercriminals seeking to exploit vulnerabilities.

Rajesh Iyer, Executive Vice President of HCLSoftware, emphasized the shift in corporate priorities due to the escalating importance of robust API security: "Our customers are aware that securing their digital ecosystems is not just an IT issue; it is now a boardroom-level concern."

A recent report from Salt Security reveals a dramatic spike in API-related security incidents, with 37% of surveyed organizations reporting at least one API-related breach at some point. This statistic is alarming, as it indicates a doubling of incidents year-on-year. Recent months have showcased the severity of these attacks across various industries—including social media platforms, technology firms, and e-commerce websites—exposing sensitive data of millions of users.

Given the prevalent use of APIs, many organizations are unaware of the number of APIs they actively utilize, which can number in the hundreds for medium to large enterprises. APIs underpin vital operations such as online transactions, media streaming, payment processing, and more, making it essential for companies to maintain a comprehensive inventory of their API assets.

One of the hallmark features of HCL AppScan API Security is its capacity for continuous discovery and documentation of all APIs within an organization. As noted by Colin Bell, CTO of HCL AppScan, this functionality empowers security teams with critical insights into their overall security posture, enabling informed decision-making.

The increasing trend of API attacks has prompted the Open Web Application Security Project (OWASP) to develop the OWASP API Security Top 10, a crucial list aimed at identifying and mitigating the most pressing security risks associated with APIs. Issues highlighted in this list include broken object-level authorization and excessive data exposure. Alarmingly, 80% of attempted attacks leverage tactics outlined in the OWASP Top 10 list, yet only about 58% of organizations focus their security efforts around these guidelines.

In light of these challenges, Michael Nicosia, COO and Co-founder of Salt Security, stated, "Organizations must sustain continuous compliance across their API ecosystems due to rising security incidents and regulatory pressures. By uniting HCL AppScan's scanning capabilities with Salt Security's real-time governance, we enable firms to gain holistic insights and visibility across their entire API landscape."

Further bolstering its capabilities, HCL AppScan API Security guarantees complete coverage of the OWASP API Security Top 10. Key functionalities include seamless integration of API-specific Dynamic Application Security Testing (DAST), the identification of shadow APIs, and the linking of sensitive data to business functions—all of which collectively empower organizations to reinforce their security posture and ensure regulatory compliance that meets standards such as PCI DSS, GDPR, and HIPAA.

With such comprehensive measures, HCL AppScan API Security stands poised to redefine the approach taken by organizations towards securing their APIs in a rapidly evolving digital age. To learn more about HCL AppScan API Security, please visit HCL Software.

About HCLSoftware

HCLSoftware is a global leader in software innovation, specializing in developing, marketing, and supporting transformative solutions across multiple sectors, including cybersecurity and data analytics. With a commitment to customer success and core values guiding their operations, HCLSoftware serves over 20,000 organizations worldwide, including a majority of the Fortune 100 companies.