Graylog, a leading provider of SIEM and log management solutions, has announced its acquisition of Resurface.io’s data-driven API security platform. This strategic move aims to enhance Graylog’s security portfolio and provide enterprise customers with a comprehensive solution to combat the evolving challenges in the API security landscape. The newly acquired product will be named Graylog API Security.
In recent years, APIs have become one of the most exposed attack surfaces, making it crucial for organizations to fortify their defenses against API-related threats. The distinct expertise and innovative technologies of Resurface.io will play a key role in achieving this goal. By integrating the Resurface API solution, which captures complete API traffic data for insights into attacks and threats, with Graylog’s existing SIEM solution, customers will benefit from seamless API security monitoring, threat detection, and incident response capabilities.
Graylog CEO, Andy Grolnick, emphasized the increasing vulnerability of APIs to cybercriminals. He highlighted that most APIs are exposed due to a lack of security monitoring, authentication issues, and other vulnerabilities, leading to the theft of personal records, ransomware attacks, and other damaging exploits. Grolnick stressed the need for a purpose-built API security solution focused on detecting and responding to API-specific threats, working in conjunction with a SIEM to provide a more comprehensive defense.
The integration of Resurface.io’s data-driven API security solution with Graylog’s award-winning SIEM platform empowers organizations to proactively safeguard their APIs and positions Graylog as the sole SIEM provider offering an API Security solution. Unlike other API solutions in the market, Graylog API Security works harmoniously with existing Web Application Firewalls (WAF) and API gateways, providing an additional layer of defense against even sophisticated attacks from authenticated users. This unique feature minimizes disruptions for the security team while improving the overall security posture of organizations within minutes.
The key advantages of Graylog’s API Security solution include guided threat detection and response, continuous and uninterrupted monitoring, full request and response payload analysis, secure self-managed solution, and effortless implementation and maintenance. With pre-configured alerts, clear explanations, and actionable steps tailored to each API, organizations can proactively respond to threats effectively, including coverage for the OWASP Top 10 vulnerabilities.
Graylog’s API Security solution offers real-time threat detection without impacting application performance, regardless of the number of threat signatures checked. It goes beyond request header data, offering full request and response payload analysis. This capability enables precise alerts, efficient retroactive threat hunting, incident investigation forensics, and insightful trend analysis.
The solution is designed as a secure, self-managed system, ensuring that sensitive data remains in-house, minimizing concerns related to third-party disruptions and personal identifiable information (PII) risks. Additionally, implementing and maintaining Graylog API Security is effortless, thanks to its self-contained security data lake and modern Kubernetes architecture. This ease of use and cost-effectiveness make it suitable for smaller enterprises as well.
Founder of Resurface.io, Rob Dickinson, expressed his enthusiasm about becoming part of Graylog and joining forces to contribute Resurface’s expertise in API security to Graylog’s innovative portfolio. Resurface.io’s SIEM approach to API threat detection aligns perfectly with Graylog’s vision. The integration will enable Graylog to reach a broader audience, accelerate product advancements, and provide customers with unparalleled protection for their API ecosystems.
Graylog API Security is available immediately. Organizations interested in learning more about the solution and seeing a brief demo can visit the official Graylog website.
About Graylog:
Graylog is revolutionizing cybersecurity by offering robust and cost-effective solutions to protect organizations against cyber threats. Leveraging AI/ML, security analytics, advanced log management, and intelligent alerting, Graylog enables proactive threat management. Unlike traditional complex and expensive SIEM solutions, Graylog Security is user-friendly and affordable, delivering a superior cybersecurity experience. Whether organizations are looking for a comprehensive cybersecurity solution or a way to streamline IT operations, Graylog provides the necessary tools for success. For more information, visit the official Graylog website, and follow Graylog on Twitter and LinkedIn for regular updates on their offerings.