API Security

Enterprises are reshaping their business models to address the new digital economy by making data and applications available as APIs for consumption in mobile applications, cloud applications and Internet of Things (IoT). While APIs connect enterprises with mobile apps and a large community of developers, these APIs also need to be scalable, reliable, and most importantly secure. As these businesses start monetizing their resources through digital channels they need to become more vigilant about security and complaince and prevent their APIs against threats and hacks.

The Akana API Security solution streamlines management, deployment, development and operation of APIs, enhancing security and regulatory compliance through authentication, authorization and audit capabilities. The Akana API Gateway, deployed at the edge of the network to provide perimeter security and defence, protects the enterprise by handling authentication and authorization, encrypting data, preventing threats and attacks and rate limiting traffic. The API Gateway can be deployed in the cloud or on-premises.

API Gateway
 

Authentication and Authorization

  • Choose from a wide array of authentication schemes, standards and token types to ensure that only valid users and applications get access
  • Integrate with leading identity and access management providers or use the built-in access control system
  • Use existing enterprise security systems to create an OAuth authorization server.
 

Message Security

  • Ensure the privacy of data in flight and at rest (a key requirement for PCI Compliance)
  • Support SSL & TLS as well as message-based encryption and decryption using the XML-Encryption standards
  • Sign and verify messages and headers to provide non-repudiation
  • Simplify key and certificate generation, distribution and management with built-in PKI services
 

Threat Protection

  • Prevent Denial of Service (DoS) attacks, malformed messages or excessive XML/JSON depth and breadth.
  • Detect and prevent SQL, JavaScript or XPath/XQuery injection attacks
  • Provide a content firewall, protecting against malicious content including protection against viruses in attachments and validation of message content – XML and JSON data structure, form and query parameters.
 

Orchestration, Mediation and Transformation

  • Bi-directional protocol transformation - Convert existing SOAP or Plain-old-XML (POX) over MQ or JMS services into RESTful APIs with XML and/or JSON content
  • API & Message Routing - Route based on message content, headers, identity and other factors
  • Orchestration - Remove operations, aggregate multiple backend APIs or services, perform mediation, or composition - without writing code.
  • Scripting - Author reusable scripts using a variety of languages (e.g. node.js, JavaScript, Groovy, Jython, BeanShell) and embed them within processes
 

Analytics and Monitoring

  • Real-time system monitoring – Use the Web-based dashboards to get real-time visibility into service and API performance, dependencies, and alert status
  • Alert Management – Powerful alert management, monitoring, and distribution. Leverage alerts within compositions to control message routing, enforce SLAs or perform other runtime activities
  • Analytics – Dashboards and out-of-the-box reports provide visibility into the performance of APIs and services from different perspectives, including department, partner, application contract, API/service or operation
  • Learn more about Akana API analytics and reporting
 

Unified API and SOA

  • Define and Manage API’s- Create APIs with multiple interfaces using different standards including REST/XML, REST/JSON and SOAP with no extra development effort
  • Comprehensive Integration with Akana’s Lifecycle Manager - Control the service production and consumption process from requirements definition to development
  • Contract Management - Manage relationships between service consumers and providers
 

Deploy in the cloud, or on-premises

  • On-Premise or in the Cloud – You can choose how and where you deploy to best meet the need of your business
  • Virtual Appliance – Deploy as a pre-packaged hardened virtual appliance on any infrastructure of your choice
 

Learn More

API security – A guide to securing your digital channels

Learn about the necessary components of a well-constructed API security strategy. Understand API risk assessment, the various attack vectors that could potentially make your API vulnerable, and risk mitigation strategies to avoid API hacks.

Get Your Demo

With Akana you can quickly build, secure and manage reliable easy-to-use APIs. Get started now by getting a customized demo of the Akana platform.

API Security - Securing digital channels and mobile apps against hacks

In this webinar, we will walk you through the various aspects of how an API could be potentially exploited. We will discuss the necessary best practices to secure your data and enterprise applications while continue continuing to support your business’s digital initiatives.

Learn more about our capabilities.