CloudVector
Enterprise Edition
Protecting against Advanced API Threats
Digital transformation trends such as cloud computing and applications “as-a-service” are driving a proliferation of APIs. Perimeter security has eroded and was never intended to protect this growing API attack surface. Shadow APIs are lurking.
CloudVector Enterprise Edition is an AI-enabled approach to automatically and continuously discover, monitor and secure absolutely ALL APIs—even shadow APIs. Our solution leverages a unique microsensor architecture to deliver a zero impact deployment on DevOps, with a high impact on security. With no changes to code and intelligent policy automation, organizations can stay focused on transforming the business.
What it Does
CloudVector Enterprise Edition deploys a unique, microsensor architecture with zero impact to developers or performance. These smart sensors provide deeper inspection into API parameters than any other solution. Machine learning models behavior in order to detect anomalies. Intelligent automation streamlines the policy management to keep things efficient.
- Deep API Inspection: Automatically and continuously catalog high fidelity “blueprints” for all APIs, even Shadow APIs.
- AI Behavior Modeling: Establish a baseline behavior model and compare the usage patterns in order to detect anomalies.
- Granular Policy Management: Automatically apply API controls to single session, instead of the entire application.
Request a Demo
Key Features
AI-Enabled Approach to API Protection
CloudVector applies machine learning and deep learning to automate the continuous discovery of all APIs, monitoring of anomalies, and security enforcement. Intelligent automation of policy management ameliorates workflows by automatically activating advanced security controls after a risk is detected.
Discover Enterprise API Assets with Continuous API Catalogs
CloudVector automatically and continuously discovers all API parameters to provide the industry’s most accurate and comprehensive API blueprint. Organizations leverage CloudVector to validate their API specs, even if its developers do not catalog them.
Monitor Anomalies with Automated Detection
CloudVector uses its high fidelity API blueprint to create a baseline behavior model and compare usage patterns. CloudVector models the behavior of the API, the behavior of the user interacting with the API and the behavior of the service hosting the API to monitor for anomalies and to automatically detect advanced API threats. CloudVector can even discover and monitor shadow APIs that have been introduced into a production environment without proper documentation.
Secure APIs from Abuse with Granular Controls
Secure APIs from Abuse with Granular ControlsCloudVector automatically applies AI-enabled protection policies to prevent API abuse and API-related data breaches. Granular controls enable CloudVector to respond at a session level by invalidating the access token of a single session instead of taking down the entire application, even if the application lacks native protection.
A Micro Deployment with Macro Results
CloudVector leverages a unique microsensor architecture to be deployed with zero impact to developers and no impact to application performance, or SLAs. This comprehensive solution provides complete visibility and control of all API assets, even the Shadow APIs.
Architecture
CloudVector Enterprise Edition deploys a unique, microsensor architecture with zero impact to developers or performance. These smart sensors provide deeper inspection into API parameters than any other solution. Machine learning models the behavior in order to detect anomalies. Intelligent automation streamlines the policy management to keep things efficient.
Blueprints and Live API Catalog
Our solution provides the industry’s first and only fully auto-discovery of API specs without any dependency on specs manually created by developers. This auto-discovery allows continuous updated API blueprints.
Autonomous Policies
Always up-to-date API blueprints allow advanced, targeted policies to be generated and updated automatically, without human intervention. The autonomous policies detect and protect against deep API data level abuses, thereby protecting against API level data breaches
Product Features
Inspection Module
-
Out of band
-
Zero Impact to App
-
Low footprint (<1% CPU, ~40 MB memory)
-
Managed by Controller
-
Programmable by Policy
-
Capture and filter API calls to generate API call event
-
Monitor for anomalies
Protection Module
-
Take targeted action in response to anomaly and policy violation
-
ID Management callback does not require inline deployment
Controller
-
Dashboard and policy engine
-
Manages all inspection modules and protection modules
| Features | CloudVector Enterprise Edition |
|---|---|
| API Spec Risk Assessment | Integrate into CI/CD |
| Features | CloudVector Enterprise Edition |
|---|---|
| API Insights | Yes |
| API Live View | Yes |
| API Catalog | Yes |
| Features | CloudVector Enterprise Edition |
|---|---|
| API Recording | Yes |
| API Spec Generation – OpenAPI/Swagger 2.0 Format | Yes |
| API Spec Generation – OpenAPI 3.0, RAML | Yes |
| Integration with your CI/CD Pipeline | Yes |
| API Gateway on-boarding | Yes (Apigee) |
| Features | CloudVector Enterprise Edition |
|---|---|
| Kubernetes | Yes (MS AKS, AWS EKS, GCP GKE, Self-deployed Kubernetes Clusters) |
| VM | Yes (OS – RedHat, CentOS, Ubuntu, Windows. AWS EC2, Azure Virtual Machine, GCP Compute Engine, Private Data Center) |
| Nginx | Yes |
| Envoy | Yes |
| F5 | Yes |
| Heroku | Yes |
| AWS Serverless | Yes (Lambda) |
| Virtual SPAN & Tap | Yes |
| Network Tap | Yes |
| Features | CloudVector Enterprise Edition |
|---|---|
| API Design Risks | Yes |
| API Security Risks | Yes |
| Features | CloudVector Enterprise Edition |
|---|---|
| Metrics for basic targets | Yes (Targets – Requests, Response Latency, Response Codes, Packet Counts, Total Bytes; Dimensions – API Endpoint, Service IP, Host) |
| Metrics for advanced targets | Yes (Targets – Response Latency, Response Codes, Packet Counts, Packet Size Distribution, Total Bytes; Dimensions – API Payload Keys and Key+Values) |
| Integration with your APM or 3rd Party Products | Yes (Prometheus, Datadog, Splunk, SumoLogic, Grafana) |
| Features | CloudVector Enterprise Edition |
|---|---|
| Advanced Security Policies | Yes |
| Features | CloudVector Enterprise Edition |
|---|---|
| Anomaly Detection | Yes |
| Features | CloudVector Enterprise Edition |
|---|---|
| OWASP API Top 10 | Yes |
| Features | CloudVector Enterprise Edition |
|---|---|
| Advanced Correlation & Tracing | Yes |
| Features | CloudVector Enterprise Edition |
|---|---|
| IDP Integration | Yes |
| In-line response policy actions | Yes |
| Integration with API Gateways | Yes (Apigee, Kong, Mulesoft) |
| Features | CloudVector Enterprise Edition |
|---|---|
| Standalone | Yes |
| CloudVector Hosted | Yes |
| Hybrid – Standalone + Hosted | Yes |
The CloudVector Difference
CloudVector Enterprise Edition automatically and continuously discovers, monitors and secures all APIs with zero impact to an application environment. Our unique microsensor deployment has zero impact to developers and performance. Smart sensors provide deeper inspection into API parameters than any other solution. Granular policy management lets you apply API controls to a single session, instead of the entire application. Machine learning models the behavior for anomaly detection and intelligent automation streamlines policy management for maximum efficiency.
