New solution offers end-to-end API discovery, compliance, and threat mitigation in partnership with Salt Security
HCLSoftware has launched HCL AppScan API Security, a powerful new solution built to help organizations gain complete visibility into their API ecosystems and protect against a rapidly evolving threat landscape. Developed in partnership with Salt Security, the solution addresses one of today’s most urgent cybersecurity priorities: API protection.
With APIs now powering more than 50% of all web traffic and driving everything from cloud services to mobile apps and IoT devices, they have also become the top target for cybercriminals. HCL AppScan API Security empowers security teams with AI-powered discovery, runtime protection, vulnerability testing, and real-time insights across the API lifecycle.
“Robust API security is now a boardroom conversation – and AppScan delivers visibility and control like never before,” said Rajesh Iyer, Executive Vice President at HCLSoftware.
Tackling API Security Blind Spots with AI and Automation
HCL AppScan API Security helps reduce hidden vulnerabilities by automatically discovering and inventorying all API assets, including shadow and zombie APIs. Integrated with dynamic application security testing (DAST), the platform enables businesses to:
- Identify sensitive data in transit
- Enforce corporate API standards
- Assign ownership and context to APIs
- Maintain continuous compliance with GDPR, HIPAA, PCI DSS, and more
- Address risks based on OWASP API Security Top 10 best practices
“Robust API security is now a boardroom conversation – and AppScan delivers visibility and control like never before.” – Rajesh Iyer, EVP, HCLSoftware
According to Colin Bell, CTO of HCL AppScan, “One of the key capabilities is continuous API inventory discovery. This gives teams crucial insight into their true security posture.”
Addressing a Surge in API Attacks
The launch comes in the wake of troubling trends. The 2024 State of API Security Report by Salt Security found that 37% of organizations faced API-related security incidents last year — double from the year before. Many of these attacks exploited flaws outlined in OWASP’s API Top 10, including Broken Object Level Authorization (BOLA) and Excessive Data Exposure.
“Together with HCLSoftware, we’re delivering unmatched visibility and real-time governance,” added Michael Nicosia, COO and Co-founder of Salt Security. “Our integration helps identify undocumented APIs and uphold compliance at scale.”