API security is no longer optional—it’s a necessity. As APIs continue to drive digital transformation, the risks associated with unsecured APIs will only grow. Akamai Technologies recently announced a new native connector between Akamai API Security and Akamai Connected Cloud to simplify and accelerate the discovery and protection of APIs by enabling customers to send a copy of their Akamai Connected Cloud traffic directly to API Security for analysis and to rapidly block attacks.

In this episode of Let’s Talk, Stas Neyman, Director of Product Marketing at Akamai, discusses the growing importance of API security and how Akamai is strengthening its portfolio, focusing on the newly launched native connector for API traffic analysis.

Neyman explains how the native connector simplifies API traffic analysis, offering zero-cost deployment and rapid response capabilities. The integration aims to bridge the gap between developers and security teams, providing full visibility and actionable insights without additional costs.

Issues & Risks

• APIs are critical for business innovation but are primary targets for malicious actors.
• A single compromised API can result in major consequences like data breaches, service disruptions, and reputational damage.
• Organizations must consider API security to comply with various regulatory and legal requirements.
• API security involves multiple teams (security, DevOps, developers) with different priorities.

Questions discussed

• How is API security different from regular security?
• How has the evolution of API security progressed?
• How does API security fit into Akamai’s services and products?
• How does the new native connector between Akamai API Security and Akamai’s Connected Cloud work?
• How is this integration different from what’s already available, and why was it needed?
• How does this integration bridge the gap between developers and security teams?
• How does the integration impact costs?

Timeline

• The native connector between Akamai API Security and Akamai’s Connected Cloud was announced as generally available.
• It is already being used at scale by more than 100 customers.

Introduction and Background of Stas Neyman

• Neyman shares his background, mentioning his recent joining Akamai through the acquisition of NoName Security.
• Neyman outlines his previous roles at CyberArk, AWS, and HP, highlighting his experience in product marketing.
• Neyman explains his current responsibilities, focusing on the API security product line at Akamai.

Overview of API Security Market

• Neyman emphasizes the critical role of APIs in driving business innovation and growth, making them primary targets for malicious actors.
• Neyman explains the severe consequences of compromised APIs, including data breaches, service disruptions, and reputational damage.
• Neyman highlights the regulatory pressures on organizations to comply with various legal requirements related to API security.

Evolution of API Security and Market Understanding

• Neyman notes the shift in conversations from understanding the importance of APIs to implementing and prioritizing API security.
• Neyman discusses the various teams involved in API security, including security teams, DevOps, and developers, and their different needs.
• Neyman mentions that the market now understands the ubiquity and importance of APIs, focusing on how to prioritize and implement security measures.

Akamai’s API Security Portfolio

• Neyman explains that Akamai doubled down on API security with the acquisition of NoName Security.
• Neyman highlights the importance of NoName Security’s extensive integrations and vendor-neutral approach.
• Neyman describes how Akamai’s API security capabilities allow companies to integrate with more than 40 traffic sources, providing end-to-end application and API security.

Introduction of the New Native Connector

• Neyman explains that the connector simplifies and accelerates the discovery and protection of APIs by sending a copy of Akamai traffic to API security for analysis.
• Neyman emphasizes the ease of deployment and the zero-cost nature of the integration, managed entirely by Akamai.
• Neyman mentions the connector’s ability to rapidly respond to attacks by blocking IP addresses directly at the edge.

Benefits and Differentiators of the Native Connector

• Neyman highlights the simplicity of deployment, with no additional projects, teams, or infrastructure required.
• Neyman reiterates the zero-cost aspect, ensuring no data transfer or maintenance costs.
• Neyman emphasizes the connector’s ability to provide full visibility into API traffic and block attacks quickly, making it a powerful tool for security teams.

Comparison with Existing Integrations

• Neyman explains that the connector leverages Akamai’s extensive traffic data to provide instant visibility and analysis of API traffic.
• Neyman mentions the inclusion of native testing capabilities, allowing developers to run over 200 tests on APIs during development.
• Neyman highlights the elimination of vulnerabilities in the production environment, benefiting both developers and security teams.

Bridging the Gap Between Developers and Security Teams

• Neyman explains that full visibility into API traffic helps identify the most vulnerable APIs, prioritizing security efforts.
• Neyman describes the developer-friendly nature of the solution, providing detailed information on issues and integrating with popular tools like JIRA and Slack.
• Neyman reiterates the zero-cost aspect, ensuring that the integration is accessible and beneficial for all teams.

General Availability and Customer Adoption

• Neyman confirms that the connector is generally available and being used at scale by more than 100 customers.
• Neyman highlights the success and satisfaction of customers using the new connector, emphasizing its built-for-scale nature.