Edgio Releases Security Platform Controls Aimed at Thwarting Automated Threats

Edgio

Edgio, the platform of choice for security, speed and simplicity at the edge, announced new security features aimed at giving customers robust controls to secure APIs and mitigate the risks of automated attacks. Edgio’s API security solution is enhanced by the addition of JSON Web Token (JWT) authentication to secure customers’ API endpoints, as well as significant improvements to its Advanced Rate Limiting solution to protect customers from evolving application DDoS threats.

With the inclusion of JWT validation, Edgio customers can perform authorization of their API requests at the edge, ensuring users are authenticated and have the right access level to perform designated functions on their API endpoints. JWT validation is a critical piece in protecting against broken authentication, an OWASP Top 10 API risk. Gartner also noted last year that “50% of data theft will be due to unsecured APIs by 2025.”

Additionally, this feature allows customers to transition their API Gateway functions from cloud infrastructure to the edge, leveraging Edgio’s ultra-low latency environment to improve the performance and security of API traffic. This enhancement gives customers granular control over API access while providing real time mitigation of attacks closest to where they originated from. This further amplifies the availability and reduces costs for operating mission critical API endpoints.

Also Read: Lucinity and Resistant AI Partner to Deliver Advanced AI-Powered FinCrime Prevention Solutions

Edgio also made several significant enhancements to its Advanced Rate Limiting solution, which provides additional controls to protect against a wide range of automated threat use cases including fraud, DDoS, and API abuse. Customers can now track user requests across longer periods of time to detect low and slow DDoS attacks designed to exhaust their resources without a noticeable spike. The ability to incorporate user session and supplemental custom identifiers (in the form of TLS fingerprints) enable customers to shape their application traffic granularly, ensuring accurate detection of advanced persistent attacks and maximizing application uptime during attacks.

Furthermore, the platform will offer response-based rate limiting to arm customers against sophisticated attacks designed to bust cache and generate elevated errors overwhelming their applications. This ability is particularly useful in protecting customers’ APIs and authentication endpoints against credential stuffing or application DDoS attacks. Edgio has been using this technique to successfully mitigate attacks from aggressive DDoS campaigns launched by hacktivist groups during the first year of the war in Ukraine.

SOURCE: BusinessWire