API protection products protect APIs from exploits, abuse and access violations, and assist in remediating API exposures. These products perform API discovery and posture management and provide runtime protection. API protection products may be delivered as cloud-based or on-premises solutions. API protection products serve to provide capabilities to organizations that need to protect their data assets primarily from attacks against the first-party APIs they expose publicly. They also need to provide coverage for the internal APIs and the third-party APIs that they may consume. API products deliver a catalog of inventoried APIs, a prioritized list of remediations of API exposures and alerts on suspicious or malicious activity on APIs.
Gartner defines access management (AM) as platforms that include an identity provider (IdP) and establish, manage and enforce runtime access controls to at least cloud, modern standards-based web and classic web applications. AM’s purpose is to enable single sign-on (SSO) access for people (workforce, consumer and other users) and machines into protected applications in a streamlined and consistent way that enhances user experience. AM is also responsible for providing security controls to protect the user session in runtime, enforcing authentication (with multifactor authentication [MFA]) and authorization using adaptive access. Lastly, AM can provide identity context for other cybersecurity tools to enable identity-first security.
The application delivery controller is a key component within enterprise and cloud data centers to improve availability, security and performance of applications. Application delivery controllers (ADCs) provide functions that optimize delivery of enterprise applications across the network. ADCs provide functionality for both user-to-application and application-to-application traffic, and effectively bridge the gap between the application and underlying protocols and traditional packet-based networks. This market evolved from the load-balancing systems that were developed in the latter half of the 1990s to ensure the availability and scalability of websites. Enterprises use ADCs today to improve the availability, scalability, end-user performance, data center resource utilization, security of their applications.
Reviews for 'Application Development, Integration and Management - Others'
“Application testing services” is a comprehensive term for the verification and validation services that support quality control and quality assurance (QA) of clients’ applications. Verification assesses whether a product/application or service complies with regulations, requirements, specifications or enforced constraints. Validation typically involves engagement with external customers to confirm suitability and acceptance. Infrastructure testing services, mobile device testing and software testing tools created for the market by independent software vendors (ISVs) are not included in this definition.
Gartner defines cloud WAAP as a category of security solutions designed to protect web applications irrespective of their hosted locations. Typically delivered as a service, cloud WAAP is offered as a series of security modules that provide protection from a broad range of runtime attacks. It offers protection from the Top 10 web application security risks defined by the Open Web Application Security Project (OWASP) and automated threats, provides API security, and can detect and protect against multiple sophisticated Layer 7 attacks targeted at web applications. Cloud WAAP’s core features include web application firewall (WAF), bot management, distributed denial of service (DDoS) mitigation and API protection.
The market for distributed denial of service (DDoS) mitigation includes vendors that detect and mitigate DDoS attacks and offer it as a dedicated offering. It includes specialty vendors, whose primary focus is DDoS mitigation, as well as providers that offer DDoS mitigation as a feature of other services. These include dedicated appliance-based vendors, communication service providers (CSPs), content delivery network (CDN) vendors, hosting providers and cloud infrastructure and platform services (CIPS) vendors.
Reviews for 'Data and Analytics - Others'
Edge Distribution Platform (EDP) is a highly distributed, edge-based, integrated network and cloud delivery infrastructure. It provides as-a-service functionalities such as edge compute and storage, web application and perimeter security, content and API acceleration, and data and analytics and AI applications. Edge distribution platform providers offer these functionalities by deploying network, compute, storage and caching nodes across geographically distributed self-owned or third party data center locations. Figure 1 shows the functionalities and potential offerings provided from an edge distribution platform
Load Testing Tools determine the performance of a system, software product, or software application under real-life based load conditions and resource utilization levels. The goal of load testing is to improve performance bottlenecks and to ensure stability and smooth functioning of software application before deployment. Through specialized testing software,various scenarios are simulated to test the system’s behavior under different load conditions. The software places a simulated “load” or demand from multiple sources on applications to ensure it remains stable during operation and peak load. It enables test analysts to evaluate application performance and maximize the operating capacity of the application.
Gartner defines microsegmentation as the ability to insert a security policy into the access layer between any two workloads in the same extended data center. Microsegmentation technologies enable the definition of fine-grained network zones, down to individual assets and applications. Core capabilities include: - Flow mapping, which is the ability to gather and show North/South and East/West traffic flows and use them in the policy definition (it can present this data in a visual manner) - Workload isolation, which is isolation from other workloads based on security policy - Policy enforcement, including the definition of rules based on different factors - The ability to deploy in the virtualized and infrastructure as a service environments Some of the most frequent optional capabilities of microsegmentation technologies include: - Automation of the deployment as part of a continuous integration/continuous deployment (CI/CD) pipeline - Integration with cloud infrastructure to ease deployment, enforce rules or automate policy updates when new assets are deployed - Asset discovery: adjacent to the flow mapping, microsegmentation tools can show more advanced context for the assets - Policy recommendation engine: complementary to the asset discovery, microsegmentation technology can suggest policy rules to authorize discovered flows - Threat detection: based on threat intelligence, layer seven protocol inspection and anomaly detection - Interoperability through direct integration with third-party products, such as a firewall, and hardware, such as switches and routers - Internet of Things (IoT)/operational technology (OT) coverage — the solution supports microsegmentation for IoT/OT infrastructure - Kubernetes/Container coverage — the solution supports microsegmentation for containers/K8s
Gartner defines the OFD market as the market for solutions that detect and prevent fraudulent actions within digital channels (browsers and mobile apps). OFD solutions provide a spectrum of capabilities within digital channels to prevent direct and indirect financial losses and to mitigate risks. Their core capabilities: Mitigate the activity of malicious automated bots; Detect account takeover (ATO) attacks and trigger remedial actions; Detect fraudulent activity in high-risk events along the digital customer journey, such as when customers make payments, transfer funds, perform account management actions or access personally identifiable information (PII).
Reviews for 'Security Solutions - Others'
Gartner defines strategic cloud platform services (SCPS) as standardized, automated, public cloud offerings integrating infrastructure services (e.g., computing, network and storage), platform services (e.g., application, data and value-added services such as AI/ML) and transformation services (resources to help customers adopt cloud-oriented IT delivery models). Although owned by the service provider, infrastructure and platform services may be hosted in providers’ infrastructures or customers’ data centers. Services should be elastically scalable, metered by use, and consumable via web-based interfaces and programmable APIs. Transformation programs may be delivered by automated, self-service interfaces, and managed interactions facilitated by account teams/partners.
Gartner defines user authentication as the journey-time process that provides credence in a claim to an identity established for a person for access to digital assets. User authentication is delivered by some combination of (a) an authenticator, (b) signals evaluation and (c) an authentication decision point, which may be from different vendors. User authentication is used to provide credence in an identity claim for a person already known to an organization. The credence must be sufficient to bring account takeover (ATO) risks within the organization’s risk tolerance. User authentication is foundational to and protects the value of other functions with an organization’s identity fabric, namely: runtime authorization, especially segregation of duties (SOD); audit (individual accountability); and identity analytics.
Gartner defines zero trust network access (ZTNA) as products and services that create an identity and context-based, logical-access boundary that encompasses an enterprise user and an internally hosted application or set of applications. The applications are hidden from discovery, and access is restricted via a trust broker to a collection of named entities, which limits lateral movement within a network.