Guest: Joni Klippert
Company: StackHawk
Show: Let’s Talk
StackHawk’s new Oversight feature provides a comprehensive view of an organization’s attack surface, API testing coverage, and overall program performance, focusing on the need for preemptive API security. In this show, Joni Klippert, CEO and Co-Founder of StackHawk, shares insights on proactive API security, detailing how Oversight streamlines reporting and resource allocation for security professionals. Klippert also plans to expand StackHawk’s “code-to-cloud” security approach with new cloud-native application protection platform (CNAPP) integrations.
Klippert says, “Oversight is really about helping cybersecurity professionals as they pass off more responsibilities to automation and engineers, ensuring that they understand and have the oversight about how their program is performing.”
StackHawk’s core offerings and role in API security
- Klippert talks about StackHawk’s unique focus on API security, explaining how it proactively addresses security risks in the development lifecycle.
- Klippert describes StackHawk as a specialized suite designed for API security, equipping teams with tools for API discovery, ongoing vulnerability testing, and overall program observability to prevent issues before they reach production.
- With a focus on pre-deployment testing, StackHawk helps developers automate API vulnerability scans, integrating security directly into continuous integration and continuous delivery (CI/CD) pipelines and preventing issues from reaching production.
- Observability features ensure security teams have ongoing insight into API security, helping them shift responsibilities to developers and automate threat detection, all while tracking security program performance.
The rising API security threat as usage expands rapidly
- Klippert highlights that APIs now account for 70% of internet traffic, underscoring their central role in modern infrastructure and noting that attackers are increasingly targeting APIs as a primary attack vector.
- Klippert points out that traditional application security practices often overlook APIs, focusing more on front-end vulnerabilities while API-specific issues remain unaddressed, creating hidden security gaps.
- The rapid development of new APIs, especially as AI accelerates deployment cycles, makes proactive security essential since many APIs reach production without thorough vulnerability testing.
- Klippert warns that current reactive security strategies like production monitoring only detect threats after deployment, leaving organizations open to potential exploits in earlier development stages.
Emphasizing proactive versus reactive approaches in API security
- Klippert stresses the need for a proactive approach to API security, where vulnerabilities are identified and addressed in the development process, before the software reaches production environments.
- StackHawk’s proactive security model focuses on preventive measures, empowering engineers to deliver secure software by detecting vulnerabilities during pre-deployment testing.
- While reactive approaches, such as monitoring, remain valuable, Klippert explains that they are limited to post-deployment threat identification and must complement a broader strategy to preempt security issues.
- Klippert emphasizes the importance of the mantra, “You can’t protect what you don’t know,” as it relates to preventing attacks through early and continuous API discovery and testing.
Introduction to StackHawk’s new Oversight feature for ensuring API security visibility
- Klippert introduces us to StackHawk’s new Oversight capability, which provides security teams with a high-level view of API security, focusing on discovery, testing, and program performance metrics.
- Klippert explains that Oversight includes three essential components: API discovery, regular and automated testing, and monitoring overall program adherence to security standards.
- The discovery feature identifies repositories containing testable APIs, typically around 30% of a company’s repositories, ensuring all possible entry points are tracked and secured.
- Automated testing enforces a continuous testing model that identifies vulnerabilities early and holds developers accountable, reducing security silos across security and engineering teams.
Oversight’s expanded role in tracking API vulnerability management
- Klippert elaborates on the need for connecting APIs directly to the development teams responsible for them, which enables quicker identification and response to potential vulnerabilities.
- Klippert emphasizes the importance of thorough, frequent testing to gauge the rate at which vulnerabilities are fixed, facilitating clear expectations between security and engineering departments.
- The Oversight feature offers security professionals detailed insight into overall program performance, ensuring that all APIs are tested rigorously and regularly for peace of mind and ongoing security.
- By enforcing program adherence, Oversight enables faster remediation of vulnerabilities, helping security leaders manage risk proactively and effectively within large-scale organizations.
Integration and compatibility of StackHawk’s Oversight feature
- Klippert talks about the compatibility of Oversight within StackHawk’s platform and its suitability for complex, multi-environment deployments, such as hybrid cloud and containerized workloads.
- Klippert tells us that Oversight, alongside API Discovery, is available within StackHawk’s enterprise plan, highlighting its comprehensive role in supporting robust security programs.
- The platform assists security leaders in reporting to higher management, translating technical achievements into broader business value and making a case for increased security resources.
- With Oversight’s extensive testing coverage, security leaders can better ensure program effectiveness, maintaining high security standards across diverse environments and development teams.
Future directions and emerging opportunities for StackHawk
- Klippert hints at new directions for StackHawk, highlighting potential integrations with cloud-native application protection platform (CNAPP) and production monitoring providers to expand API coverage across the stages of the application lifecycle.
- Klippert discusses the evolving importance of the “code-to-cloud” narrative as organizations prioritize end-to-end security from development through to deployment and operations.
- Klippert believes that large companies are increasingly interested in bridging gaps between development and security, creating opportunities for StackHawk to foster cross-functional security collaboration.
- Klippert also sees a growing market for partnerships that connect StackHawk’s API-focused solutions with broader security ecosystems, positioning StackHawk for continued growth and innovation.
This summary was written by Emily Nicholls.