Data Theorem Introduces Industry’s First API Attack Path Visualization Capabilities to Enhance Protection of APIs and Software Supply Chains

Unveiled at Apidays Paris, Latest Version of API Secure Shines Light on Complex API Exploits to Help IT Security Teams Easily Digest and Understand Full Stack Attack Chain

PARIS, France

Data Theorem, Inc., a leading provider of modern application security, today introduced the industry’s first API Attack Path Visualization capabilities for the protection of APIs and the software supply chain. This latest enhancement of its award-winning API Secure solution empowers organizations with a first-ever comprehensive understanding of the attack chain, traversing all layers of an application, and extending protection to crucial underlying cloud assets including containers, storage, databases, and serverless functions.

Launched today at Apidays Paris, Data Theorem will unveil and demonstrate these industry-first API and software supply chain protection capabilities in its Booth No. 5 this week.

As cyberthreats continue to evolve in sophistication, especially in the era of generative AI, understanding the complete attack path has become paramount for organizations to fortify their digital defenses. As a result of today’s launch, Data Theorem’s API Secure, renowned for its robust API discovery, security testing, and protection capabilities, now introduces API Attack Path Visualization to provide organizations with an unparalleled depth of insight into potential vulnerabilities and their potential impact. These new full-stack visualization capabilities start with API exploits and expand to the broader perspective of how vulnerabilities impact mobile, web, serverless, and a variety of cloud-native applications.

According to Gartner, “75% of organizations that run cloud-native applications in production still use web application firewalls (WAFs) or web application and API protection (WAAP) tools to protect their applications during runtime. Attackers have shifted their attention to applications, making it evident that security leaders need to focus on application protection. Security and risk management leaders must innovate their approaches to application runtime protection and avoid stacking multiple functionally similar, overlapping products.” 1

Key features of API Secure’s new Attack Path Visualization capabilities include:

  • Deeper Understanding: Gain a full-stack view from client to infrastructure layers of the attack chain, allowing for a more in-depth analysis of potential security risks and impact.
  • Broader Coverage: Extend visibility beyond the API layer to encompass underlying cloud assets, ensuring a holistic understanding of the entire application ecosystem.
  • Visual Clarity: Intuitive visualizations uniquely make complex attack paths easily digestible, enabling security teams to make informed decisions with speed and precision.
  • Real-Time Monitoring: Keep abreast of dynamic threat landscapes with real-time monitoring, allowing for proactive observability and threat mitigation.
  • Integration Capabilities: Seamlessly integrate API Attack Path Visualization into existing workflows, CI/CD tools, and traditional security tools like web application firewalls (WAF) for alerting and blocking to streamline and efficient API protection practices.

“Data Theorem is committed to staying at the forefront of API security innovations, and our latest addition of the industry’s first API Attack Path Visualization for API Secure exemplifies this dedication,” said Doug Dooley, COO at Data Theorem. “By providing our customers with a holistic full-stack view of the attack surface, including underlying cloud assets, we empower them to proactively safeguard their cloud-centric applications against evolving threats like never before.”

According to Gartner, “Modern application protection tools must support these organizational changes and perform one or ideally more of the following functionalities – Discovery: identifying and classifying assets; Posture management: identifying security misconfigurations and proposing fixes; Detection and response: identifying and reporting (or blocking) anomalous or suspicious behavior.” 1

Data Theorem’s API Secure delivers discovery, posture management, and detection and response as base-offering with enhanced protection and an industry’s first API Attack Path Visualization with this latest release. This groundbreaking enhancement helping protect modern applications reaffirms Data Theorem’s position as a leader in API security, continuously innovating and providing organizations with the tools they need to navigate the complex landscape of modern cybersecurity threats.

Data Theorem’s broad AppSec portfolio protects organizations from data breaches with application security testing and protection for modern web frameworks, API-driven microservices and cloud resources. Its solutions are powered by its award-winning Analyzer Engine which leverages a new type of dynamic and runtime analysis that is fully integrated into the CI/CD process, and enables organizations to conduct continuous, automated security inspection and remediation. Data Theorem is one of the first vendors to provide a full stack application security analyzer that connects attack surfaces of applications starting at the client layers found in mobile and web, the network layers found in APIs, and the infrastructure layers found in cloud services.

Availability and Pricing

Data Theorem’s latest version of API Secure with these new Attack Path Visualization enhancements is available today. For more information, including pricing, see https://www.datatheorem.com/products/api-secure/.

Note 1 – Gartner, “How to Protect Your Cloud-Native Applications in Production,” by Dionisio Zumerle, Nov. 20, 2023.

Media Contact

Dan Spaldingdan@datatheorem.com(408) 960-9297

About Data Theorem

Data Theorem is a leading provider of modern application security, helping customers prevent AppSec data breaches. Its products focus on API security, cloud (serverless apps, CSPM, CWPP, CNAPP), mobile apps (iOS and Android), and web apps (single-page apps). Its core mission is to analyze and secure any modern application anytime, anywhere. The award-winning Data Theorem Analyzer Engine continuously analyzes APIs, Web, Mobile, and Cloud applications in search of security flaws and data privacy gaps. The company has detected more than 5 billion application incidents and currently secures more than 25,000 modern applications for its enterprise customers around the world.