OMB Individually Reported

API Security Vulnerability Technology

Low riskExact public inventory row

Description

Discover, ingest, and analyze APIs to create and run thousands of custom attack scenarios against every build prior to production. Catch security vulnerabilities as early in the software development life cycle (SDLC) as possible. Educate and empower security and dev teams on sound API security strategies.

Detailed example

The AI system is intended to output custom reports on identified vulnerabilities within application programing interfaces (APIs). These reports will Include the identified risk and a summary of the risk, as well as tailored remediation guidance based on the applications, environment, data, and tests conducted for end-users.

AI / analytics pattern

Classical/Predictive Machine Learning: Models trained on data to make predictions or classifications based on identified patterns or relationships.

Automation level / stage

a) Pre-deployment – The use case is in a development or acquisition status.

Expected benefit

With the necessity of leveraging application programing interfaces (APIs) for applications across the enterprise, this AI technology is intended to run thousands of custom attack scenarios against APIs on a continuous basis. This will help to identify potential security vulnerabilities prior to production level deployments, and enable the enterprise to develop essential remediations, if required. Additionally, the techonlogy is intended to provide continuous monitoring on APIs to provide real-time alerts on new potential vulnerabilities.

Controls / human review

ATO: Not reported; PIA: Not published