Levo.ai API Security Platform Feature Updates - July 2024

July 30, 2024

Levo.ai API Security Platform Feature Updates - July 2024

This month's Levo team brings to you significant advancements to ensure robust security across your entire API ecosystem.

We’ve introduced test runners to ensure the safety of your internal APIs, RBAC for enhanced compliance and insider threat mitigation, direct configuration of eBPF sensors and satellites via our UI, and an integration with AWS API Gateway.

Testing Internal APIs:

Securing your internal APIs is now just a click away!

Most security vendors have always disproportionately focused on external APIs at the cost of internal APIs. Not only does this widen the attack surface but it also propagates the myth that attackers do not target internal APIs.

This couldn’t be further from the truth as attacks on internal APIs are rampant and growing, with 13% of attack attempts being made on internal APIs.

We at Levo.ai understand this and since the beginning have prioritized visibility and testing across the entire API ecosystem, not just external APIs. Our eBPF sensor discovers and documents all APIs including internal APIs and our CLI has been used to test them.  

But now with the introduction of our test runners, your DevSecOp teams can run tests on internal APIs right from the dashboard instead of installing the CLI every time. Ensuring that you test your internal APIs with the same rigor and regularity as external ones.

Have a look ⬇️

Role-Based Access Control:

Take your regulatory compliance to the next level with Levo’s RBAC implementation

Being a security vendor to several fintech enterprises, we understand how important compliance with industry standards like PCI DSS is for our customers to build customer trust.

Our RBAC will not only support such compliance efforts but also help enterprises battle insider threats (which surprisingly account for 60% of the data breaches).

Restricting our functionalities to only what professionals need to do their jobs, enterprises no longer need to monitor who is doing what within our platform. This will also simplify the platform for users.

Have a look⬇️

Configure eBPF Sensors and Satellite Directly Through Our UI

The current economic downturn is tough on everyone, and high cloud costs worsen it. As most platforms consume a lot of cloud resources, this deters many enterprises from important initiatives like API Security.

According to a recent report, enterprises can spend up to 30% of their cloud budget on inefficient resource usage. This significant waste can quickly add up, impacting the overall budget and resource allocation.

Inefficiencies in agent and platform design make it worse.

Yet neither of these factors should be a concern with Levo.

While our eBPF agent and satellite have always been designed to capture and process only minimal and necessary traffic, our new feature enhances this.

Engineering and security leaders can now configure both directly from the UI, saving time and cloud resources that would otherwise be spent relying on engineers. They also have the flexibility of capturing, monitoring, and testing APIs separately for every environment.

Have a look⬇️

Integration with AWS API Gateway:

How do enterprises detect attacks on their APIs?

In an ideal world, it would be through rigorous monitoring and logging but another method takes precedence over it.

Over 52% of the surveyed enterprises identify attack attempts from API Gateways. While this is a great addon that Gateways provide, by the time these alerts are generated it's often too late.

Some if not most damage is done, so we at Levo.ai have paired with Amazon Web Services (AWS) API Gateway to provide comprehensive API observability.

Go through this blog to learn more about this integration and how it facilitates robust API visibility.

elliptical light

Flexibility for the Modern Enterprise

  • Runtime Agnostic
  • Cloud Agnostic
  • Programming Language Agnostic

Subscribe for experts insights on application security.

Oops! Something went wrong while submitting the form.