GigaOm Radar for Application and API Security v2.03

Table of Contents

  1. Summary
  2. Market Categories and Application Protection
  3. Key Criteria Comparison
  4. GigaOm Radar
  5. Vendor Insights
  6. Analyst’s Take

1. Summary

Application development architecture has been changing to accommodate new platforms, processes, and application needs. Increasingly, applications are collections of application programming interfaces (APIs), both public and private, connected in the core application to a user interface (UI).

This combination creates an application that’s more difficult to protect than those traditionally secured by web application firewalls (WAFs). Modern applications require all the functionality of WAFs plus all of the protection offered by API security and API management products. Together, these types of protection create a comprehensive application and API security (AAS) solution category.

Application deployment architectures have also changed—applications can be spread across multiple clouds, running in Kubernetes, hosted in a data center, or co-hosted with a vendor. AAS products must protect all important parts of the overall application and protect them wherever they are deployed.

Critical to protecting modern applications is understanding them. AAS products provide two tools to help understand and validate the application via its APIs. The first is API import from a definition, whether WSDL, OpenAPI, or another standard, which describes what the API should be doing. The other is runtime discovery of APIs from observed traffic, which shows what the API is actually doing. Comparing the two also surfaces APIs that live outside the documented system and have no valid definition file at all (often called shadow APIs), which in practice are frequently the majority of an organization’s APIs.
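The comparison described above (documented definition versus observed traffic) is simple enough to show end to end. The following is an added example, not code from the report or from any vendor it covers: it loads a constructed OpenAPI fragment, parses a handful of constructed access-log lines, and reports three things a practitioner wants from API discovery: paths that no definition covers (shadow endpoints), documented paths being called with methods the definition does not declare, and documented operations never seen in traffic. Everything here is an assumption for illustration: the spec, the log lines, and the helper names `compile_spec`, `parse_log`, and `reconcile`.

```python
import json
import re
from collections import defaultdict

# Constructed OpenAPI 3 fragment (assumption: illustrative only, not any real product's spec).
OPENAPI_DOC = json.loads("""
{
  "openapi": "3.0.3",
  "paths": {
    "/api/v1/users": {"get": {}, "post": {}},
    "/api/v1/users/{id}": {"get": {}, "delete": {}},
    "/api/v1/orders/{orderId}/items": {"get": {}, "parameters": []}
  }
}
""")

# Constructed access log in combined-log style (assumption: sample data, not captured traffic).
ACCESS_LOG = """\
10.0.0.5 - - [01/Jan/2024:10:00:01 +0000] "GET /api/v1/users HTTP/1.1" 200 512
10.0.0.5 - - [01/Jan/2024:10:00:02 +0000] "GET /api/v1/users/42 HTTP/1.1" 200 128
10.0.0.7 - - [01/Jan/2024:10:00:03 +0000] "PUT /api/v1/users/42 HTTP/1.1" 200 64
10.0.0.9 - - [01/Jan/2024:10:00:04 +0000] "GET /api/v1/users/42/export HTTP/1.1" 200 9001
10.0.0.9 - - [01/Jan/2024:10:00:05 +0000] "GET /api/internal/debug HTTP/1.1" 200 2048
10.0.0.5 - - [01/Jan/2024:10:00:06 +0000] "GET /api/v1/orders/7/items?page=2 HTTP/1.1" 200 300
"""

HTTP_METHODS = {"get", "put", "post", "delete", "options", "head", "patch", "trace"}
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def compile_spec(doc):
    """Turn each documented path template into (regex, template, declared methods).

    {param} segments become a single non-empty path segment. The regex is anchored so
    /api/v1/users/42/export does NOT match /api/v1/users/{id}. Templates with fewer
    parameters are tried first so a literal path such as /users/me beats /users/{id}.
    """
    compiled = []
    for path, ops in doc.get("paths", {}).items():
        segs = []
        for seg in path.strip("/").split("/"):
            is_param = seg.startswith("{") and seg.endswith("}")
            segs.append(r"[^/]+" if is_param else re.escape(seg))
        regex = re.compile("^/" + "/".join(segs) + "/?$")
        # Path items also carry non-operation keys (parameters, summary); keep only methods.
        methods = {k.upper() for k in ops if k.lower() in HTTP_METHODS}
        compiled.append((regex, path, methods))
    compiled.sort(key=lambda item: item[1].count("{"))
    return compiled


def parse_log(text):
    """Yield (METHOD, path) from each log line, dropping the query string."""
    for line in text.splitlines():
        m = LOG_RE.search(line)
        if not m:
            continue  # not a request line we understand; skip rather than guess
        path = m.group("target").split("?", 1)[0]
        yield m.group("method"), path


def reconcile(doc, log_text):
    spec = compile_spec(doc)
    observed_ops = set()
    shadow_paths = defaultdict(set)          # undocumented path -> methods seen
    undocumented_methods = defaultdict(set)  # documented template -> undeclared methods seen
    for method, path in parse_log(log_text):
        for regex, template, methods in spec:
            if regex.match(path):
                if method in methods:
                    observed_ops.add((method, template))
                else:
                    undocumented_methods[template].add(method)
                break
        else:
            shadow_paths[path].add(method)
    documented_ops = {(m, t) for _, t, ms in spec for m in ms}
    return {
        "shadow_paths": {p: sorted(ms) for p, ms in shadow_paths.items()},
        "undocumented_methods": {t: sorted(ms) for t, ms in undocumented_methods.items()},
        "unexercised": sorted(documented_ops - observed_ops),
    }


if __name__ == "__main__":
    report = reconcile(OPENAPI_DOC, ACCESS_LOG)
    for section, entries in report.items():
        print(f"== {section} ==")
        for entry in (entries.items() if isinstance(entries, dict) else entries):
            print("  ", entry)
```

On the sample data the debug endpoint and the per-user export route appear only in traffic, PUT on a user resource is live but undeclared, and the declared POST and DELETE operations were never called. Each of those is a different follow-up: the first two need an owner and a definition (or a block rule), the third means the definition is ahead of the deployment or the traffic sample is too short. Real deployments match on host as well as path and feed the result back into the WAF policy rather than printing it.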

As application architectures became more complex, the sophistication and volume of attacks increased as well, causing a litany of issues for IT staff. The volume of attack data, the number of attack vectors, and dispersion of attack activity all make protecting applications harder. AAS products need to either block known and identifiable attacks outright or offer advanced filtering of data that’s escalated to IT staff to keep the volume of alerts at a manageable level.

There are many attack vectors, some requiring unique protection capabilities. An AAS product must defend against application-layer distributed denial of service (DDoS) attacks while, at the same time, detecting and/or blocking other well-known attacks such as injection and request tampering, even though these two classes of protection generally rely on different detection and remediation techniques: volumetric and rate-based analysis for the former, per-request inspection for the latter.

Integration with security information and event management (SIEM) solutions allows this critical piece of application security telemetry to feed post-mortem analysis and, further, secondary detections that are generated and managed on the SIEM platform itself, correlating AAS events with signals from the rest of the environment.

This is the second year that GigaOm has reported on the AAS space in the context of our Key Criteria and Radar reports. This report builds on our previous analysis and considers how the market has evolved over the last year.

This GigaOm Radar report highlights key AAS vendors and equips IT decision-makers with the information needed to select the best fit for their business and use case requirements. In the corresponding GigaOm report “Key Criteria for Evaluating Application and API Security Solutions,” we describe in more detail the key features and metrics that are used to evaluate vendors in this market.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.