[Redmond, 11/15/2023] – We are excited to announce the General Availability of Microsoft Defender for APIs, designed to protect organizations against API security threats. Defender for APIs offers full lifecycle protection, detection, and response coverage for organizations’ managed APIs.
Recognized by Gartner as a Representative Vendor in its 2023 Market Guide on Cloud Native-Application Protection Platform (CNAPP), Microsoft Defender for Cloud seamlessly combines cloud security and compliance capabilities into a single platform to provide end-to-end protection for your cloud applications. Defender for APIs fills a key gap in the CNAPP category with the ability to gain visibility into business-critical APIs, understand their security posture, prioritize vulnerability fixes, and detect active runtime threats within minutes.
Microsoft Defender Cloud Security Posture Management (CSPM) Integration. Defender for APIs together with Defender CSPM offers a seamless integration to incorporate API security insights into your security context and support risk prioritization. This integration enables you to effectively identify and address security recommendations related to unused and unauthenticated APIs, leveraging contextual information such as the external exposure of APIs and the exchange of sensitive data. You can use the pre-defined query templates to prioritize and take action on the risks associated with your APIs.
API Attack path analysis. Leverage API attack paths to Identify security issues due to misconfigured APIs that pose significant threat to your cloud environment. You can now visualize and comprehend the entry point into cloud applications provided by APIs, track lateral data movement, and identify risks through actionable insights and recommendations.
Enrich API data security with Microsoft Information Protection (MIP) Purview Integration. With native integration into Microsoft MIP Purview through Defender for Cloud's Data Aware Security engine, organizations can classify data exchanged via APIs for sensitivity using both pre-defined and custom information types and labels. The labeling provides a view into organizations’ classified API assets to take actions based on governance policies. The API classification also provides a context to the API Security posture (Defender CSPM Security Explorer and Attack Paths), enabling central security teams to prioritize API risks and triage API threats.
Enable full lifecycle API protection from code to cloud (Now in Public Preview). We are also excited to announce a partnership with API security testing provider, 42Crunch, which makes Microsoft the only cloud provider that enables organizations to assess risk and address API threats across the entire cloud application lifecycle. Most APIs are created by in-house developers, who typically are not security experts. By empowering developers to code and configure APIs securely early in the development lifecycle, Defender for Cloud helps organizations deliver cloud applications that are secure-by-design from the start of development to continuous security throughout production. This partnership integration ensures Defender for Cloud customers have an option to gain security coverage for vulnerabilities that can only be assessed by proactive API security testing, along with enabling centralized visibility and governance for security teams within Defender for Cloud. This integration is now available in Public Preview, with support for GitHub (support for Azure DevOps to come soon). Learn more about this partnership integration in the 42Crunch Press Release
Why Defender for APIs?
Defender for APIs sets the stage for comprehensive API security coverage and empowers organizations to protect their APIs and data from malicious actors. Defender for APIs helps you to gain visibility into business-critical APIs. You can investigate and improve your API security posture, prioritize vulnerability fixes, and quickly detect and respond to active real-time threats. You can Integrate security alerts directly into your Security Incident and Event Management (SIEM) platform like Sentinel for investigation and triage.
Defender for APIs can help you:
- Gain a unified inventory and aggregated view of all your Azure API management in a single dashboard.
- Classify APIs that handle sensitive data and supporting risk prioritization.
- Harden API configurations and easily assess API gateway for security best practice controls.
- Address Security recommendations to identify unused and unauthenticated APIs.
- Assess API security findings in Cloud Security Explorer and API attack path analysis.
- Gain a comprehensive coverage of the OWASP API Top 10 threats, including data exfiltration and volumetric attacks.
- Leverage workflow automations to action on your API security recommendations and findings.
-
Stay up to date with API Security workbook that provides summary of posture findings and security alerts.
- Seamlessly integrate with Microsoft Sentinel and other popular SIEM solutions for efficient threat remediation.
Getting Started with Defender for APIs
To get started and protect your APIs managed by Azure API Management follow the onboarding documentation. Enabling the plan takes minutes from either the Azure API Management or Defender for Cloud Plans. To start protecting your APIs, select your APIs to be onboarded from security recommendations. Microsoft Defender for APIs pricing is available with flexible plan options based on the usage of your managed APIs hosted in the subscription's Azure API Management instance. See here for our pricing information.
**Organizations already using Defender for APIs in public preview will be migrated to Defender for APIs GA solution and continue to receive protection.
For more information on Defender for APIs and to start enhancing your API security, visit the Overview of the Microsoft Defender for APIs plan - Microsoft Defender for Cloud | Microsoft Learn