Alibaba Cloud API Security 2.0 is newly released

2024-07-12

Alibaba Cloud Security has offered API protection products for nearly three years, providing customers with full-lifecycle monitoring and management of API assets: discovering and managing all API interface assets in the business, and improving the security of API interfaces as data flows through them. The product now fully covers the API Top 10 security risks proposed by OWASP.

Alibaba Cloud API Security recently released version 2.0, which comprehensively upgrades the product architecture and brings significant improvements in detection timeliness, richness, accuracy, and user experience.

Near-real-time detection: the product automatically identifies API interface assets and analyzes each API's sensitive data, business purpose, service objects, life cycle status, traffic components, and so on, building a multi-dimensional baseline profile of each API to support API classification and grading. It also supports pushing asset and alert information to the log service, which makes it easier to integrate with the user's internal operations and maintenance systems and improves operations efficiency.

Enhanced interface vulnerability detection: the product currently supports detection of 38 types of interface risks in six categories (interface design, interface development specifications, permission management, account security, sensitive data protection, and access control). It can detect common API risks such as sensitive data leakage from unauthorized interfaces and weak passwords on internal applications.

Strengthened attack detection: the product supports detection of 25 types of abnormal API behavior in five categories (API abuse, baseline anomalies, account risks, response anomalies, and sensitive data leakage). For example, in the interface data crawling scenario, an attacker can obtain personal sensitive information by traversing ID values, creating a risk of data leakage. Alibaba Cloud API Security continuously monitors for abnormal behavior against the established baseline and raises timely alerts.

Flexible custom detection: the ability to customize policies is opened up further, letting customers define their own detection policies for interface identification, risks/attacks, sensitive data, life cycle, and business purpose according to their business characteristics and security requirements. For example, for custom attack detection, the new version supports deduplicated statistics for each request parameter and for sensitive data, which allows more accurate detection of interface abuse such as data traversal, credential stuffing, and brute-force attacks.
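
The deduplicated per-parameter counting described above can be sketched as follows. This is an added example, not Alibaba Cloud's implementation: the record layout, the `detect_traversal` function, the window and threshold values, and the sample log are all constructed for illustration.

```python
from collections import Counter, defaultdict, deque
from urllib.parse import parse_qsl, urlsplit

# Constructed sample records: (epoch_seconds, client, request_uri).
SAMPLE_LOG = (
    # 40 requests, 40 different ids: ID traversal.
    [(1000 + i, "203.0.113.7", f"/api/user/profile?id={5000 + i}") for i in range(40)]
    # 40 requests, always the same id: busy but not traversal.
    + [(1000 + 2 * i, "198.51.100.4", "/api/user/profile?id=42") for i in range(40)]
    # Ordinary low-volume client.
    + [(1005, "192.0.2.9", "/api/user/profile?id=77"),
       (1030, "192.0.2.9", "/api/user/profile?id=78")]
)


def detect_traversal(records, window=60, max_distinct=20):
    """Return {(client, path, param): (distinct_values, requests)} for every key
    whose count of DISTINCT parameter values inside a sliding window of
    `window` seconds exceeded `max_distinct` (assumed thresholds)."""
    events = defaultdict(deque)    # key -> (ts, value) pairs still in the window
    counts = defaultdict(Counter)  # key -> value -> occurrences in the window
    peak = {}                      # key -> (highest distinct count, requests then)
    for ts, client, uri in sorted(records):
        url = urlsplit(uri)
        for param, value in parse_qsl(url.query, keep_blank_values=True):
            key = (client, url.path, param)
            queue, seen = events[key], counts[key]
            queue.append((ts, value))
            seen[value] += 1
            # Evict events that have slid out of the window.
            while queue[0][0] <= ts - window:
                _, old = queue.popleft()
                seen[old] -= 1
                if seen[old] == 0:
                    del seen[old]
            if len(seen) > peak.get(key, (0, 0))[0]:
                peak[key] = (len(seen), len(queue))
    return {k: v for k, v in peak.items() if v[0] > max_distinct}


if __name__ == "__main__":
    for (client, path, param), (distinct, total) in detect_traversal(SAMPLE_LOG).items():
        print(f"{client} {path} param={param}: {distinct} distinct values in {total} requests")
```

The two high-volume clients send the same number of requests, but only the one cycling through different `id` values is flagged, which is what counting distinct values rather than raw requests buys.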