Click here to close now.

SYS-CON MEDIA Authors: Liz McMillan, Carmen Gonzalez, Pat Romanski, AppDynamics Blog, Roger Strukhoff

News Feed Item

SOA Software Extends API Security and Threat Protection Capabilities

SOA Software, an API Management and SOA Governance leader, today announced a major new release of its API Gateway with significantly upgraded security and threat protection capabilities to provide a comprehensive, hardened, and integrated API security solution. This release establishes a new standard for an integrated solution that combines security, integration, and mediation capabilities delivered both in the cloud and on-premise.

“Enterprises are rapidly shifting the way they do business by embracing new digital channels and opening their data and applications through APIs, both internally and externally,” said Alistair Farquharson, Chief Technology Officer at SOA Software. “With this new release, customers can securely extend their business processes and data for consumption as APIs by leveraging the API Gateway’s unique ability to mitigate threat risk across platforms, devices, and channels. They can now protect their APIs from sophisticated attacks, hacks and a myriad of other threats. API Security has never been so powerful and comprehensive, and yet easy to enforce.”

SOA Software’s API Gateway provides a comprehensive security and threat protection solution for enterprise APIs. It covers a wide range of use cases, including threats related to identity and access, message encryption, and compliance. The API Gateway streamlines development, management, and operation of APIs; enhancing security and regulatory compliance through authentication, authorization and audit capabilities. It is available in the cloud, on-premise, or as a virtual appliance for ease of installation and configuration.

The latest release of SOA Software’s API Gateway includes:

  • Threat Protection: Protect APIs against unintentional or intentional attacks and abuse including Denial-of-Service, SQL and JavaScript or XPath Query attacks. The API Gateway provides a content firewall that defends against malicious content like viruses, or malformed JSON or XML data structures.
  • Authentication and Authorization: Choose from a wide array of authentication schemes, standards and token types to ensure that only valid users and applications can access APIs. The API Gateway supports integration with leading single-sign-on and Identity and Access management providers
  • Transport and Message Level Security: Ensure the privacy of customers’ data in flight and at rest (a key requirement for PCI compliance). The API Gateway supports SSL & TLS with comprehensive key and certificate generation, distribution and management using built-in PKI services.
  • Advanced Scripting: Make changes easily and quickly without the need to rebuild or redeploy services or applications using common scripting languages, such as JavaScript. Powerful server-side scripting capabilities enable users to define additional customizations.
  • Wide Support of Security Standards: Make integration and security administration seamless. The API Gateway provides extensive support for standards like OAuth, SAML, SHA, LDAP, Kerberos, HMAC, X.509 certificates, WS-Security and SSL client authentication.
  • PCI DSS 2.0 Compliant: Satisfy PCI criteria for a compliant network. SOA Software’s PCI-compliant cloud offers an extensive, secure network coupled with 24/7 technical support to mitigate risks that can compromise sensitive data security.

For more information about SOA Software API Gateway, see www.soa.com/solutions/api-gateway.

About SOA Software

SOA Software is a leading provider of API Management and SOA Governance products that equip business to deliver APIs and SOA together to drive their company to meet its business strategy quickly and effectively. SOA Software’s technology helps businesses to accelerate their digital channels with APIs, drive partner adoption, monetize their assets, and achieve agility and operational excellence across their applications and datacenters. Some of the world’s largest companies including Bank of America, Pfizer, and Verizon use SOA Software products. SOA Software is also recognized as a “Leader” by Gartner in Application Services Governance MQ and as a leader by other analyst firms. For more information on SOA Software’s API Platform, see http://www.soa.com

All product and company names herein may be trademarks of their registered owners.

SOA Software, Community Manager, API Gateway, Lifecycle Manager, OAuth Server, Policy Manager, Portfolio Manager, Repository Manager, Service Manager, API Manager, and SOLA are trademarks of SOA Software, Inc.

For more information, please contact: [email protected]

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Why does developer experience matters, what makes for a great developer experience and what is the relationship between developer experience and the broader field of user experience? Software developers are gaining more influence over the purchase decisions of technologies with which they must build on and with which they must integrate. For example, the success of Amazon Web Services, Heroku and MongoDB has been driven primarily by individual software developers choosing to use these tools, ra...
Software Defined Storage provides many benefits for customers including agility, flexibility, faster adoption of new technology and cost effectiveness. However, for IT organizations it can be challenging and complex to build your Enterprise Grade Storage from software. In his session at Cloud Expo, Paul Turner, CMO at Cloudian, looked at the new Original Design Manufacturer (ODM) market and how it is changing the storage world. Now Software Defined Storage companies can build Enterprise grade ...
SYS-CON Events announced today that EnterpriseDB (EDB), the leading worldwide provider of enterprise-class Postgres products and database compatibility solutions, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. EDB is the largest provider of Postgres software and services that provides enterprise-class performance and scalability and the open source freedom to divert budget from more costly traditiona...
Fundamentally, SDN is still mostly about network plumbing. While plumbing may be useful to tinker with, what you can do with your plumbing is far more intriguing. A rigid interpretation of SDN confines it to Layers 2 and 3, and that's reasonable. But SDN opens opportunities for novel constructions in Layers 4 to 7 that solve real operational problems in data centers. "Data center," in fact, might become anachronistic - data is everywhere, constantly on the move, seemingly always overflowing. Net...
The security devil is always in the details of the attack: the ones you've endured, the ones you prepare yourself to fend off, and the ones that, you fear, will catch you completely unaware and defenseless. The Internet of Things (IoT) is nothing if not an endless proliferation of details. It's the vision of a world in which continuous Internet connectivity and addressability is embedded into a growing range of human artifacts, into the natural world, and even into our smartphones, appliances, a...
T-Mobile has been transforming the wireless industry with its “Uncarrier” initiatives. Today as T-Mobile’s IT organization works to transform itself in a like manner, technical foundations built over the last couple of years are now key to their drive for more Agile delivery practices. In his session at DevOps Summit, Martin Krienke, Sr Development Manager at T-Mobile, will discuss where they started their Continuous Delivery journey, where they are today, and where they are going in an effort ...
Gartner predicts that the bulk of new IT spending by 2016 will be for cloud platforms and applications and that nearly half of large enterprises will have cloud deployments by the end of 2017. The benefits of the cloud may be clear for applications that can tolerate brief periods of downtime, but for critical applications like SQL Server, Oracle and SAP, companies need a strategy for HA and DR protection. While traditional SAN-based clusters are not possible in these environments, SANless cluste...
In a recent research, analyst firm IDC found that the average cost of a critical application failure is $500,000 to $1 million per hour and the average total cost of unplanned application downtime is $1.25 billion to $2.5 billion per year for Fortune 1000 companies. In addition to the findings on the cost of the downtime, the research also highlighted best practices for development, testing, application support, infrastructure, and operations teams.
The OpenStack cloud operating system includes Trove, a database abstraction layer. Rather than applications connecting directly to a specific type of database, they connect to Trove, which in turn connects to one or more specific databases. One target database is Postgres Plus Cloud Database, which includes its own RESTful API. Trove was originally developed around MySQL, whose interfaces are significantly less complicated than those of the Postgres cloud database. In his session at 16th Cloud...
IoT is still a vague buzzword for many people. In his session at @ThingsExpo, Mike Kavis, Vice President & Principal Cloud Architect at Cloud Technology Partners, discussed the business value of IoT that goes far beyond the general public's perception that IoT is all about wearables and home consumer services. He also discussed how IoT is perceived by investors and how venture capitalist access this space. Other topics discussed were barriers to success, what is new, what is old, and what th...
To manage complex web services with lots of calls to the cloud, many businesses have invested in Application Performance Management (APM) and Network Performance Management (NPM) tools. Together APM and NPM tools are essential aids in improving a business's infrastructure required to support an effective web experience... but they are missing a critical component - Internet visibility. Internet connectivity has always played a role in customer access to web presence, but in the past few years u...
There's Big Data, then there's really Big Data from the Internet of Things. IoT is evolving to include many data possibilities like new types of event, log and network data. The volumes are enormous, generating tens of billions of logs per day, which raise data challenges. Early IoT deployments are relying heavily on both the cloud and managed service providers to navigate these challenges. In her session at Big Data Expo®, Hannah Smalltree, Director at Treasure Data, discussed how IoT, Big D...
Buzzword alert: Microservices and IoT at a DevOps conference? What could possibly go wrong? In this Power Panel at DevOps Summit, moderated by Jason Bloomberg, the leading expert on architecting agility for the enterprise and president of Intellyx, panelists will peel away the buzz and discuss the important architectural principles behind implementing IoT solutions for the enterprise. As remote IoT devices and sensors become increasingly intelligent, they become part of our distributed cloud en...
SYS-CON Events announced today that the "First Containers & Microservices Conference" will take place June 9-11, 2015, at the Javits Center in New York City. The “Second Containers & Microservices Conference” will take place November 3-5, 2015, at Santa Clara Convention Center, Santa Clara, CA. Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities.
Disruptive macro trends in technology are impacting and dramatically changing the "art of the possible" relative to supply chain management practices through the innovative use of IoT, cloud, machine learning and Big Data to enable connected ecosystems of engagement. Enterprise informatics can now move beyond point solutions that merely monitor the past and implement integrated enterprise fabrics that enable end-to-end supply chain visibility to improve customer service delivery and optimize sup...