API Security

Edgio Releases Security Platform Controls

Edgio to launch three new features offering advanced protection and greater control for organizations facing emerging cybersecurity challenges

Edgio, the platform of choice for security, speed and simplicity at the edge, today announced new security features aimed at giving customers robust controls to secure APIs and mitigate the risks of automated attacks. Edgio’s API security solution is enhanced by the addition of JSON Web Token (JWT) authentication to secure customers’ API endpoints, as well as significant improvements to its Advanced Rate Limiting solution to protect customers from evolving application DDoS threats.

With the inclusion of JWT validation, Edgio customers can perform authorization of their API requests at the edge, ensuring users are authenticated and have the right access level to perform designated functions on their API endpoints. JWT validation is a critical piece in protecting against broken authentication, an OWASP Top 10 API risk. Gartner also noted last year that “50% of data theft will be due to unsecured APIs by 2025.”

Additionally, this feature allows customers to transition their API Gateway functions from cloud infrastructure to the edge, leveraging Edgio’s ultra-low latency environment to improve the performance and security of API traffic. This enhancement gives customers granular control over API access while providing real time mitigation of attacks closest to where they originated from. This further amplifies the availability and reduces costs for operating mission critical API endpoints.

Edgio also made several significant enhancements to its Advanced Rate Limiting solution, which provides additional controls to protect against a wide range of automated threat use cases including fraud, DDoS, and API abuse. Customers can now track user requests across longer periods of time to detect low and slow DDoS attacks designed to exhaust their resources without a noticeable spike. The ability to incorporate user session and supplemental custom identifiers (in the form of TLS fingerprints) enable customers to shape their application traffic granularly, ensuring accurate detection of advanced persistent attacks and maximizing application uptime during attacks.

Furthermore, the platform will offer response-based rate limiting to arm customers against sophisticated attacks designed to bust cache and generate elevated errors overwhelming their applications. This ability is particularly useful in protecting customers’ APIs and authentication endpoints against credential stuffing or application DDoS attacks. Edgio has been using this technique to successfully mitigate attacks from aggressive DDoS campaigns launched by hacktivist groups during the first year of the war in Ukraine.

“In today’s dynamic threat landscape, empowering organizations with additional control over their defense-in-depth layers is more important than ever,” said Richard Yew, VP of Product Management, Edgio. “Edgio takes pride in offering these new and improved features to combat the surge in automated threats, ensuring our customers enjoy peace of mind and confidence in the security and resiliency of their applications.”

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

Related posts

Wallarm announces Policy Integration with MuleSoft AnyPoint Platform

Business Wire

Noname Security positioned on CRN’s 2024 Security 100 List

GlobeNewswire

Akamai Technologies To Acquire API Security Company Neosec

PR Newswire