{"id":1736032,"date":"2022-10-31T09:22:29","date_gmt":"2022-10-31T13:22:29","guid":{"rendered":"https:\/\/platoaistream.net\/?post_type=station&p=1736032"},"modified":"2022-11-05T20:13:33","modified_gmt":"2022-11-06T00:13:33","slug":"synack-expands-security-platform-with-adversarial-api-pentesting","status":"publish","type":"station","link":"https:\/\/platoaistream.net\/plato-data\/synack-expands-security-platform-with-adversarial-api-pentesting\/","title":{"rendered":"Synack Expands Security Platform With Adversarial API Pentesting"},"content":{"rendered":"

REDWOOD CITY, Calif., Oct. 31, 2022
\n\/ PRNewswire\/ \u2014 Synack, the premier security testing platform, has
\nlaunched an API pentesting capability powered by its global community of
\nelite security researchers. Organizations can now rely on the Synack
\nplatform for continuous pentesting coverage across “headless” API
\nendpoints that lack a user interface and are increasingly exposed to
\nattackers.\n

“Synack’s human-led, adversarial approach is ideal for testing
\nAPIs that form the backbone of society’s digital transformation,” said
\nSynack CTO and co-founder Mark Kuhr, a
\nformer National Security Agency cybersecurity expert. “We are thrilled
\nto offer customers a unique, scalable way to secure this growing area of
\ntheir attack surfaces.”\n

Gartner estimates API abuses will be the most common source of data
\nbreaches in enterprise web applications this year. Synack enables
\norganizations to verify exploitable API vulnerabilities such as broken
\nauthorization and authentication \u2014 noted in the OWASP API top 10 \u2014 can’t be abused by malicious hackers.\n

“Many organizations are struggling to find the top-tier cyber talent needed to root out API-specific vulnerabilities,” said Peter Blanks,
\nChief Product Officer at Synack. “We’re excited to extend our Synack
\nplatform to provide human-powered offensive security testing on APIs.”\n

Synack’s headless API capability builds
\non years of API pentesting experience through web and mobile
\napplications. The new platform features allow customers to enter API
\ndocumentation to guide testing scope and coverage. Next, researchers
\nwith the Synack Red Team attempt to exploit API endpoints in the way a
\nreal external adversary would.\n

Of the Synack Red Team’s over
\n1,500 global members, only those with proven API testing skills are
\nactivated on API requests, reducing noise. Synack’s Special Projects
\ndivision led over 100 successful pentests against headless APIs in 2022,
\nproviding customers with critical proof-of-coverage reports while
\nvalidating researchers’ API expertise.\n

Vulnerability submissions
\nand testing reports are routed through Synack’s Vulnerability Operations
\nteam for a rigorous vetting process before being displayed in the
\nplatform, minimizing false positives and ensuring high-quality results.\n

For more information about Synack’s API security testing, please visit www.synack.com.\n

ABOUT SYNACK\n

Synack’s premier on-demand security testing platform harnesses a
\ntalented, vetted community of security researchers and smart technology
\nto deliver continuous penetration testing and vulnerability management,
\nwith actionable results. We are committed to making the world more
\nsecure by closing the cybersecurity skills gap, giving organizations
\non-demand access to the most trusted security researchers in the world.
\nHeadquartered in Silicon Valley with regional teams around the world,
\nSynack protects federal agencies, DoD classified assets and a growing
\nlist of Global 2000 customers, uncovering over 13,000 vulnerabilities
\nfor clients in 2021 alone. For more information, please visit
www.synack.com.\n

SOURCE: Synack\n","protected":false},"author":1,"featured_media":1576363,"template":"","meta":{"_eb_attr":"","type":"","auto_type":false,"post":"","stream":"","stream_url":"","waveform_data":[],"duration":0,"bpm":0,"downloadable":false,"download_url":"","purchase_title":"","purchase_url":"","post-count-all":0,"like_count":0,"download_count":0,"editor_note":"","copyright":"","captions":[]},"genre":[10650],"artist":[15693],"mood":[],"activity":[],"station_tag":[3884,15679,15663,7027,6174,4897,15659,15662,5133,15665,6535,5026,6464,9242,7457,14558,8453,15312,9642,14556,5367,15675],"_links":{"self":[{"href":"https:\/\/platoaistream.net\/wp-json\/wp\/v2\/station\/1736032"}],"collection":[{"href":"https:\/\/platoaistream.net\/wp-json\/wp\/v2\/station"}],"about":[{"href":"https:\/\/platoaistream.net\/wp-json\/wp\/v2\/types\/station"}],"author":[{"embeddable":true,"href":"https:\/\/platoaistream.net\/wp-json\/wp\/v2\/users\/1"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/platoaistream.net\/wp-json\/wp\/v2\/media\/1576363"}],"wp:attachment":[{"href":"https:\/\/platoaistream.net\/wp-json\/wp\/v2\/media?parent=1736032"}],"wp:term":[{"taxonomy":"genre","embeddable":true,"href":"https:\/\/platoaistream.net\/wp-json\/wp\/v2\/genre?post=1736032"},{"taxonomy":"artist","embeddable":true,"href":"https:\/\/platoaistream.net\/wp-json\/wp\/v2\/artist?post=1736032"},{"taxonomy":"mood","embeddable":true,"href":"https:\/\/platoaistream.net\/wp-json\/wp\/v2\/mood?post=1736032"},{"taxonomy":"activity","embeddable":true,"href":"https:\/\/platoaistream.net\/wp-json\/wp\/v2\/activity?post=1736032"},{"taxonomy":"station_tag","embeddable":true,"href":"https:\/\/platoaistream.net\/wp-json\/wp\/v2\/station_tag?post=1736032"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}