#India #API Security #Noida #HCLSoftware #AppScan

HCLSoftware Launches HCL AppScan API Security

HCLSoftware has announced the introduction of its latest product, HCL AppScan API Security, designed in partnership with Salt Security. This innovative solution aims to provide comprehensive security management for API assets, ensuring that organizations can continue to leverage APIs for business value without compromising on security.

In today’s digital landscape, APIs are essential, accounting for more than 50% of web traffic. They enable communication between various applications and are critical for cloud services, mobile applications, and IoT devices. However, as APIs become more integral to business operations, they also present significant security risks and vulnerabilities that must be effectively managed.

Rajesh Iyer, Executive Vice President of HCLSoftware, emphasized the importance of API security in the current business environment. He remarked that the increasing reliance on APIs has made it a priority for organizations seeking to enhance their overall security posture and protect their digital ecosystems.

The launch comes in response to alarming statistics revealing a rise in API-related security incidents. According to the Salt Security’s 2024 State of API Security report, a staggering 37% of organizations reported experiencing an API security incident in the previous year, doubling the number of incidents observed. These trends highlight the urgent need for robust security measures tailored to APIs.

With numerous companies not fully aware of their API usage, HCL AppScan API Security focuses on addressing this challenge by offering continuous discovery and accurate inventory management for API assets. Colin Bell, CTO of HCL AppScan, stated that this capability allows security teams to gain valuable insights into their overall security landscape, which is critical for effective risk management.

One significant feature of the new API security solution is its integration of AI technology, which enables automated vulnerability detection and fixes. The Open Web Application Security Project (OWASP) has identified the OWASP API Security Top 10 as the most critical security risks associated with APIs. HCL AppScan API Security ensures that organizations effectively address these risks, which include vulnerabilities such as Broken Object Level Authorization (BOLA) and Excessive Data Exposure.

Michael Nicosia, COO and Co-founder of Salt Security, added that organizations must maintain continuous compliance across their API ecosystems, especially with the rising number of regulatory requirements. The integration of HCL AppScan capabilities with Salt Security's real-time governance will provide organizations with comprehensive insights across their entire API landscape.

HCL AppScan API Security aims to offer complete coverage of the OWASP API Security Top 10 list, helping organizations to:

• - Detect and reduce security blind spots using an AI-infused API discovery platform.
• - Discover and keep track of all API assets, including Shadow and Zombie APIs.
• - Identify sensitive data in transit, ensuring compliance with regulations such as GDPR, HIPAA, and PCI DSS.
• - Connect APIs to their relevant owners and business functions.
• - Gain detailed insights into their overall security posture across the API landscape.
• - Maintain corporate API standards during both runtime and development phases.

Furthermore, the solution promotes industry best practices through a library of pre-built policy templates, along with API-specific DAST vulnerability testing capabilities, ensuring accuracy aligned with the latest specifications and configurations.

HCL Software, as a pioneer in software innovation, remains dedicated to delivering transformative solutions that empower organizations across various sectors. The unveiling of HCL AppScan API Security highlights their commitment to addressing the evolving landscapes of cybersecurity challenges.

For further information about HCL AppScan API Security, you can visit HCL Software's official page.

By introducing this solution, HCLSoftware aims to equip organizations with the necessary tools to protect themselves against the increasing threats associated with API vulnerabilities, thereby ensuring a more secure digital environment for all.