API protection products protect APIs from exploits, abuse and access violations, and assist in remediating API exposures. These products perform API discovery and posture management and provide runtime protection. API protection products may be delivered as cloud-based or on-premises solutions. API protection products serve to provide capabilities to organizations that need to protect their data assets primarily from attacks against the first-party APIs they expose publicly. They also need to provide coverage for the internal APIs and the third-party APIs that they may consume. API products deliver a catalog of inventoried APIs, a prioritized list of remediations of API exposures and alerts on suspicious or malicious activity on APIs.
Gartner defines cloud WAAP as a category of security solutions designed to protect web applications irrespective of their hosted locations. Typically delivered as a service, cloud WAAP is offered as a series of security modules that provide protection from a broad range of runtime attacks. It offers protection from the Top 10 web application security risks defined by the Open Web Application Security Project (OWASP) and automated threats, provides API security, and can detect and protect against multiple sophisticated Layer 7 attacks targeted at web applications. Cloud WAAP’s core features include web application firewall (WAF), bot management, distributed denial of service (DDoS) mitigation and API protection.
The market for distributed denial of service (DDoS) mitigation includes vendors that detect and mitigate DDoS attacks and offer it as a dedicated offering. It includes specialty vendors, whose primary focus is DDoS mitigation, as well as providers that offer DDoS mitigation as a feature of other services. These include dedicated appliance-based vendors, communication service providers (CSPs), content delivery network (CDN) vendors, hosting providers and cloud infrastructure and platform services (CIPS) vendors.
Email security refers collectively to the prediction, prevention, detection and response framework used to provide attack protection and access protection for email. Email security spans gateways, email systems, user behavior, content security, and various supporting processes, services and adjacent security architecture. Effective email security requires not only the selection of the correct products, with the required capabilities and configurations, but also having the right operational procedures in place.
Gartner defines “content delivery networks” as highly distributed edge-based cloud delivery platforms that provide the following functionality: content acceleration, API caching, image optimization, streaming video delivery, web application and perimeter security, and edge compute and storage. CDN providers deploy tens to hundreds of caching, storage and compute nodes in owned and third-party data center locations via public and private Internet Protocol networks.
Gartner defines security service edge (SSE) as a solution that secures access to the web, cloud services and private applications regardless of the location of the user or the device they are using or where that application is hosted. SSE protects users from malicious and inappropriate content on the web and provides enhanced security and visibility for the SaaS and private applications accessed by end users. Security service edge provides a primarily cloud-delivered solution to control access from end users and edge devices to applications (private or delivered via SaaS) as well as websites (and to a lesser extent general internet traffic). It provides a range of security capabilities, including adaptive access based on identity and context, malware protection, data security, and threat prevention as well as the associated analytics and visibility. It enables a hybrid workforce more efficiently than traditional on-premises solutions. Capabilities that are integrated across multiple traffic types and destinations allow a more seamless experience for both users and admins while maintaining a consistent security stance.
Reviews for 'Security Solutions - Others'
TI products and services deliver knowledge, information and data about cybersecurity threats and other organization-specific threat exposures, including but not limited to indicators of compromise (IOCs), threat actor attribution and campaigns. The output of these products and services aim to provide or assist in the curation of information about the identities, motivations, characteristics and methods of threats, commonly referred to as tactics, techniques and procedures (TTPs). The intent is to enable better decision making and improve security technology capabilities to reduce risk and the chance of being compromised.
Gartner defines single-vendor secure access service edge (SASE) offerings as those that deliver multiple converged-network and security-as-a-service capabilities, such as software-defined wide-area network (SD-WAN), secure web gateway (SWG), cloud access security broker (CASB), network firewalling and zero trust network access (ZTNA). These offerings use a cloud-centric architecture and are delivered by one vendor.
Gartner defines zero trust network access (ZTNA) as products and services that create an identity and context-based, logical-access boundary that encompasses an enterprise user and an internally hosted application or set of applications. The applications are hidden from discovery, and access is restricted via a trust broker to a collection of named entities, which limits lateral movement within a network.