Proxedo API Security (PAS) is a specialized security gateway exclusively for protecting API-endpoints. It's a highly flexible network security solution that helps your enterprise gain control over the application traffic to prevent API-related breaches. Based on our deep packet inspection (DPI) technology you can validate, encrypt and analyze API traffic in detail. Thanks to our flexible architecture, you can enforce custom security policies without compromise.
PAS focuses specifically on API security, adding value even to your traditional WAF and API management tool.
Authentication of API clients
Validation of incoming/outgoing API calls
Deep inspection of API messages
TLS/SSL encryption of API traffic
Enforced data encryption
Customizable encryption policy towards communicating parties
Detailed debugging, security & audit logging
Customizable data extraction from traffic content
Forwarding to big data tools, log analyzers and SOCs/SIEMs
Protecting your organization from API breaches is the ultimate goal of Proxedo API Security. It extends security best practices to focus on attacks specific to APIs. The solution ensures that only permitted data is ever transmitted through your perimeter and prevents incorrect or potentially malicious data reaching your systems or sensitive data from being leaked.
PAS helps you understand what is going through your APIs. Your security team can improve security monitoring capabilities. IT operations can understand how APIs are being used, and how APIs can be improved. Your developers can check how their applications are performing. And business managers can analyze API transactions and make more informed decisions.
PAS can hide information about security risks and treat the vulnerabilities of your legacy applications. Your IT teams benefit from a proper perimeter protection in front of the APIs exposing your legacy system data. PAS can help you reduce the risks that arise when updating or patching a system is simply not an option.
All the regulations have one key requirement in common: they require regulated companies to protect customers’ data at rest and in transit. Proxedo API Security helps streamline your compliance efforts in your API environment through its comprehensive access control, encryption and logging capabilities.
PAS focuses exclusively on API security by offering a killer combination of enforcement, encryption and insight of the API traffic. As an extra security layer, it perfectly complements traditional WAFs and API management tools.
In contrast to API management providers where security is just a checkbox feature, Proxedo API Security focuses exclusively on API security by offering a killer combination of validation, transformation, encryption and analysis of API traffic.
Proxedo API Security offers high flexibility to adjust connection or logging parameters, making it easy to avoid bad trade-offs between productivity and the desired level of API security. Your administrators can implement custom API security policies without the slightest compromise.
Balasys has a flexible professional services team that helps you design, deploy, customize and support Proxedo-based solutions on-site. We can help you tailor your Proxedo API Security – we can configure the tool, customize data schemes, integrate with third-width-party tools and even develop custom modules.
Proxedo API Security is a highly customizable, reliable and resource-efficient security tool available at an affordable price. Combined with flexible integration services, engineer-to-engineer access, trainings and direct vendor support, the product represents one of the best value offerings on the API security market today.
Proxedo API Security is made in the EU and developed by a private Hungarian IT security company, Balasys.
Traffic validation ensures that traffic flowing to and from API endpoints adhere to the specifications. Not only is conformance to the HTTP protocol enforced, but each request and response is validated down to the field level against the schema describing the API.
Authentication of API clients
Validation of incoming/outgoing API calls
Deep inspection of API messages
Full interpretation of JSON and XML file formats
Proxedo API Security provides unparalleled means for extracting data of interest from API traffic and transferring them to various data warehouses and analytic tools. The deep understanding of calls and flexible configuration helps you extract all relevant data, in real time right from the source.
Detailed debugging, security & audit logging
Customizable data extraction from traffic content
Forwarding to big data tools, log analyzers or SOCs/SIEMs
Proxedo API Security can handle the TLS protocol (the secure layer of HTTP) in the traffic to ensure a consistent implementation of encryption in front of your back-end systems that don’t necessarily support TLS. This setup also allows flexible configuration of TLS towards various communicating parties.
TLS/SSL encryption of API traffic
Enforced data encryption
Customizable encryption policy towards communicating parties
Located in front of your backend servers, Proxedo API Security can also act as a load balancer for the servers. Thanks to its deep inspection capabilities, the gateway can apply versatile security enforcement policies.
Granular or default-deny security policies
Load-balancing between back-end services
Proxedo API Security can inspect HTTP(S) traffic against a signature database to detect attack patterns. This is a reliable tool for protecting your web services from known web threats.
Inspection of HTTP(S) traffic against a signature database
Detection of known attack patterns