API protection products protect APIs from exploits, abuse and access violations, and assist in remediating API exposures. These products perform API discovery and posture management and provide runtime protection. API protection products may be delivered as cloud-based or on-premises solutions. API protection products serve to provide capabilities to organizations that need to protect their data assets primarily from attacks against the first-party APIs they expose publicly. They also need to provide coverage for the internal APIs and the third-party APIs that they may consume. API products deliver a catalog of inventoried APIs, a prioritized list of remediations of API exposures and alerts on suspicious or malicious activity on APIs.
Gartner defines cloud WAAP as a category of security solutions designed to protect web applications irrespective of their hosted locations. Typically delivered as a service, cloud WAAP is offered as a series of security modules that provide protection from a broad range of runtime attacks. It offers protection from the Top 10 web application security risks defined by the Open Web Application Security Project (OWASP) and automated threats, provides API security, and can detect and protect against multiple sophisticated Layer 7 attacks targeted at web applications. Cloud WAAP’s core features include web application firewall (WAF), bot management, distributed denial of service (DDoS) mitigation and API protection.
The market for distributed denial of service (DDoS) mitigation includes vendors that detect and mitigate DDoS attacks and offer it as a dedicated offering. It includes specialty vendors, whose primary focus is DDoS mitigation, as well as providers that offer DDoS mitigation as a feature of other services. These include dedicated appliance-based vendors, communication service providers (CSPs), content delivery network (CDN) vendors, hosting providers and cloud infrastructure and platform services (CIPS) vendors.
Data masking is based on the premise that sensitive data can be transformed into less sensitive but still useful data. This is necessary to satisfy application testing use cases that require representative and coherent data, as well as analytics that involve the use of aggregate data for scoring, model building and statistical reporting. The market for data protection, DM included, continues to evolve with technologies designed to redact, anonymize, pseudonymize, or in some way deidentify data in order to protect it against confidentiality or privacy risk.
Data security platforms (DSPs) combine data discovery, policy definition and policy enforcement across data silos. Policy enforcement capabilities include format-preserving encryption, tokenization and dynamic data masking. These capabilities can be delivered through connectors, agents, proxies and APIs. Business requirements to leverage data and share data, for example for AI/ML use cases, require data security controls and highly-granular data access which is provisioned fast and humanly understandable. Tight-fitting data access and security controls allow you to reveal and share (leverage) more of your data. However, organizations face sufficient complexity when it comes to provisioning and rightsizing entitlements and data security controls. This extends to data privacy as well as analytics governance and ethics. The DSP delivers most of the required components critical to enabling good data governance and optimized data security controls while preventing the exponential increase of data access and policy rules.
Edge Distribution Platform (EDP) is a highly distributed, edge-based, integrated network and cloud delivery infrastructure. It provides as-a-service functionalities such as edge compute and storage, web application and perimeter security, content and API acceleration, and data and analytics and AI applications. Edge distribution platform providers offer these functionalities by deploying network, compute, storage and caching nodes across geographically distributed self-owned or third party data center locations. Figure 1 shows the functionalities and potential offerings provided from an edge distribution platform
Gartner defines the OFD market as the market for solutions that detect and prevent fraudulent actions within digital channels (browsers and mobile apps). OFD solutions provide a spectrum of capabilities within digital channels to prevent direct and indirect financial losses and to mitigate risks. Their core capabilities: Mitigate the activity of malicious automated bots; Detect account takeover (ATO) attacks and trigger remedial actions; Detect fraudulent activity in high-risk events along the digital customer journey, such as when customers make payments, transfer funds, perform account management actions or access personally identifiable information (PII).
Reviews for 'Security Solutions - Others'