SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Neosec and Kong form strategic partnership to strengthen API security
Thu, 9th Dec 2021
FYI, this story is more than a year old

Neosec has formed a strategic partnership with Kong to integrate its API security platform with Kong Gateway.

The intention of the collaboration is to provide a complete enterprise-class solution for managing and securing APIs and microservices, the company states.

Kong provides an API gateway built for hybrid, multi-cloud environments optimised for microservices and distributed architectures.

Neosec enables Kong customers to gain enterprise API security capabilities to protect their critical business processes. The solution continuously discovers all APIs, and using API behavioural analytics, detects abuse and automatically orchestrates conditional responses on specific consumer entities into the Kong API gateway.

The technology integration is the first API security solution with closed loop feedback into an API gateway.

Neosec chief executive officer Giora Engel says, “As more enterprises embrace digital transformation initiatives and expose APIs, core aspects of business processes are increasingly put at risk.

"In this modern environment, API security cannot only create alerts for a security team to evaluate, but it must also work with existing API technologies in creating automated responses.

"Our strategic partnership with Kong enables the platforms to natively work together using their existing Kong Gateway Enterprise deployment without requiring any changes to the production pipeline."

According to Engel, with this integration, Kong Gateway provides a way to manage the complexities of deploying and using APIs, while the Neosec platform augments the security posture with API discovery, risk assessment, and AI-powered behavioural analysis, detection and response.

As a result of security incidents, the Neosec integration automatically creates security policies in Kong Gateway and enables automated responses, the company states.

Kong Gateway includes API authentication, authorisation, logging, traffic control, caching and administration. Neosec ingests access logs from popular technologies such as CDNs, Web app firewalls and API gateways.

The Neosec platform also enables API discovery and automatically flags meaningful anomalous behaviours within them.

Ultimately, according to the company, the combined solution enables enterprises to embrace the power of digital business while minimising the risks without any changes to the production pipeline.

Kong vice president of products Reza Shafi says, “The stakes for API exposure continue to climb as companies rely more heavily on open infrastructure and connecting applications, systems and data with each other as well as with customers and partners.

"We are excited to partner with Neosec and have its platform natively integrated with Kong Gateway and exclusively available to our customers with an Enterprise subscription.

"Offering the world's most popular API gateway and the leading service connectivity platform, Kong has vastly eased the burden of using microservices and APIs for distributed applications, and the combined solution now more fully addresses the risks and exposure running within APIs.

Neosec is strategically forming technology partnerships with providers of digital business infrastructure including CDNs and API gateways and management solutions.

Neosec API Security is available for all Kong enterprise customers to protect their existing APIs.