Data Theorem Introduces Industry’s First API Attack Surface Calculator

New Simple-to-Use, Free Self-Service API Assessment Tool Helps Organizations of Any Size Understand their Attack Surface Exposures

Palo Alto, Calif.

Data Theorem, Inc., a leading provider of modern application security, today announced that it has introduced the industry’s first API Attack Surface Calculator to help organizations of any size understand their attack surface exposures. Delivered as a free self-service offering, the assessment tool is simple to use and conducts its first-level API security analysis in less than five minutes.

API attack surfaces are dynamic by nature in the public cloud. Hackers are taking advantage of this API reality to help breach organizations and extract data. Organizations need to better understand and measure their ever-increasing API attack surfaces that are amplified by modern web, mobile, and cloud-native applications. Data Theorem’s API Attack Surface Calculator can help organizations begin to build a modern API security program and understand how each layer of a cloud native app contributes to the overall API attack surface.

According to Gartner in its API Security: Protect your APIs from Attacks and Data Breaches webinar, “Gartner predicts that by 2022, application programming interface (API) attacks will become the most-frequent attack vector, causing data breaches for enterprise web applications. Already, many well-publicized API security vulnerabilities affected a wide range of organizations…Many of the recent API data breaches have exploited multiple layers of application in order to extract data. Understanding how exposure[s] at each layer of the application stack can lead to a breach.”

The new API Security Calculator provides a multi-step process for customers to answer questions about the different layers in the application stack. Following customer supplied answers, the Attack Surface Management (ASM) capabilities running inside of Data Theorem’s Analyzer Engine will provide dynamically driven ratings around potential API exposures across the multiple application layers: client, data transport and cloud.

“This free API Attack Surface Calculator, which can be done in a self-service fashion and takes less than 5 minutes to complete its assessment, is an important first step in measuring an organization for the most prominent attack vector and attack surface exposures,” said Doug Dooley, Data Theorem COO. “At no charge, organizations can leverage Data Theorem’s differentiated ASM capabilities and comparative insights that give sensitivity ratings per attack surface layer that help customers determine next steps on addressing potential API exposures.”

This first-of-its-kind API Attack Surface Calculator is available today for free from Data Theorem at https://bit.ly/3l5Bz54. It is an important attack surface management tool that is offered in conjunction with the API Security for Dummies e-book from Data Theorem, available at https://www.datatheorem.com/resources/white-papers/api-security-for-dummies/.

Data Theorem’s broad AppSec portfolio protects organizations from data breaches with application security testing and protection for modern web frameworks, API-driven microservices and cloud resources. Its solutions are powered by its award-winning Analyzer Engine, which leverages a new type of dynamic and run-time analysis that is fully integrated into the CI/CD process, and enables organizations to conduct continuous, automated security inspection and remediation.

Media Contact

Dan Spaldingdan@datatheorem.com(408) 960-9297

About Data Theorem

Data Theorem is a leading provider of modern application security, helping customers prevent AppSec data breaches. Its products focus on API security, cloud (serverless apps, CSPM, CWPP, CNAPP), mobile apps (iOS and Android), and web apps (single-page apps). Its core mission is to analyze and secure any modern application anytime, anywhere. The award-winning Data Theorem Analyzer Engine continuously analyzes APIs, Web, Mobile, and Cloud applications in search of security flaws and data privacy gaps. The company has detected more than 5 billion application incidents and currently secures more than 25,000 modern applications for its enterprise customers around the world.