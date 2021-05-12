Enabling the industry to go beyond 'Black Box' and 'White Box' testing to a new 'Grey Box' approach that uses behavior insights from production data to proactively simulate attacks

TEL AVIV, Israel, May 12, 2021 /PRNewswire/ -- Imvision, a market leader in API security technology for enterprises, is announcing today the release of BLAST - Business Logic Automated Security Testing - to enable security teams to take a more proactive approach to protect their APIs, going from production back to design. With BLAST, enterprises benefit from the ability to integrate and enforce security testing standards directly into the development cycle, reducing costs and accelerating time to remediation.

According to a recent survey conducted by Imvision, the importance of API Security continues to grow and is now a top priority among contemporary security leaders. Statistics indicate that more than 91% of security leaders intend to make API security a priority over the next year, with more than half of security leaders (53%) stating that security testing is one of the top-3 API security priorities, along with access control and runtime protection. Together, these three components show a strong push for an 'API Security Backbone' among modern enterprises aiming for a robust API security program.

"The type of bugs which lead to vulnerabilities at the business logic level are very hard to identify in staging using manual processes," said Sharon Mantin, CEO of Imvision. "We routinely hear from our clients that existing solutions for security testing aren't up for the challenge, and accordingly, 50% of enterprise security leaders don't even have plans to use SAST or DAST for API security. Security testing is proving to be a real bottleneck for enterprises, leading them to compromise on either scope, depth or frequency."

This new tool is a major step towards building the much anticipated 'API Security Backbone', as it extends the runtime protection capabilities of Imvision's API Security Platform by simulating API attacks in a staging environment. Once the API business logic is learned through API discovery, users can simulate attacks that attempt to manipulate the API, exposing vulnerabilities and automatically delivering insights and recommendations back to developers.

Imvision helps security teams make sure that automated security testing of APIs becomes an integral part of the build process, helping dev, sec and ops focus on what matters most, save time with quick fixes, and collaborate effectively. BLAST fully addresses the OWASP API Top 10 and other functional attacks, and is easily integrated with existing developer tools.

About Imvision

At Imvision, we help enterprises open up without being vulnerable. It's about making sure that every interaction between people, businesses, and machines can be trusted.

Imvision's platform helps enterprise security leaders, including Fortune 500 companies, discover, test, detect and prevent API breaches. We help you automatically give every API the protection it deserves - at any scale, across the lifecycle.

By using NLP-based technology to analyze each API's unique dialogue and understand the application's behavior, security and development teams can stay ahead of attackers, focus on what really matters and minimize time-to-remediation.

