This article is part of a multi-part series about interesting APIs that were added to our directory during 2017. Security and Privacy APIs are covered in this segment. The APIs were chosen by our researchers, by popularity according to website traffic, and by mentions on social media.
Security continues to be a huge concern for application users, developers, and API providers alike. In the past year there were massive breaches (such as the Equifax breach) that exposed holes in security workflows, as well as other breaches (at T-Mobile and Accenture) that illustrated the perils of ignoring basic API security best practices. Before releasing an application, developers need to be aware of vulnerabilities using Webhooks APIs, bot attacks, and other potential threats and vulnerabilities to defend against these exploits. Security APIs for securing applications can help, and along with Privacy, Verification, Background, Passwords, Identity, Biometrics, and Privacy APIs, are covered in this segment of the most interesting APIs of 2017.
Cisco Umbrella is the company’s Secure Internet Gateway in the cloud. The Cisco Umbrella Investigate API integrates cloud security and allows the querying of the Umbrella DNS database. With the API, developers can get data returned such as domain status, pattern search, and other security information.
Castle provides a platform for application developers to protect their apps and users from hackers and other malicious attacks. Castle API can analyze user and site behavior to reveal suspicious activity.
Manage users, authentication, and events with the Castle API. Image: Castle
Digify offers secure file sharing capabilities which can be used for digital rights management, and compliance. The Digify API offers several services including tracking, encryption, and watermarking. Digify supports several output formats such as PDF, Word, PowerPoint, Excel, and more. Digify offers 3 paid plans, and also an enterprise solution.
Screenshot: Digify
Wallarm is a security platform that detects and defends against threats against applications and APIs. Theeir solution provides a Web application firewall (WAF) and vulnerability scanner. The Wallarm REST API allows developers to integrate the service and set up searches, manage users, and retrieve events and event logs.
Wallarm security features Screenshot: Wallarm
Twizo is a fully encrypted Two Factor Authentication (2FA) and verification service. The Twizo API returns data of secure 2-factor authentication, including number lookup and messaging as verification options.
Sqreen is a provider of in-app security and data protection solutions. The Sqreen API supports the detection of hidden security risks in data. The API screens emails and IP addresses to determine their validity. For example, it is capable of detecting emails from anonymous sources or IP addresses that are Tor exit points.
Dark Gray Engines offers user intelligence tools and data mining services for application builders. The platform provides organizations with advanced machine learning, predictions, credit card fraud detection, address verification, proxy detection, language prediction, and sentiment analysis, plus a number of security APIs for passwords, authentication, and fraud risk.
Active Intrusion Detection is a service that can detect and trace data leaks as they happen. The Active Intrusion Detection API detects when fragments of sensitive data are sent to third parties with insecure connections and alerts network administrators. Further security measurements can be applied such as password resets and IP tracking. This system can be used to secure databases, passwords, and credit cards.
Apozy provides services and tools for cybersecurity practices. The Apozy API allows developers to access and integrate the functionality of Apozy with other applications. API access comes with enterprise account service.
Apozy API is for securing apps Screenshot: Apozy
Yoti is an identity system that can reduce fraud and improve customer experience in online platforms and face to face interactions. The Yoti API is used to verify customer login information without passwords, to integrate identity checks and for in person age checks.
This short video explains how the Yoti application can verify indentity Video: YouTube/Yoti
WebKit is an engine for rendering web pages primarily used by Apple’s Safari and AppStore. The WebKit Content Blockers API integrates security measures via the browser, by blocking unwanted content.
Density is a people counter platform. It counts people by tracking movement and not by recognizing faces, alleviating privacy concerns. The Density API supports the counting, recording, and monitoring of people traffic in particular locations in public or private domains. This includes business premises, public facilities, schools, and security installations, among others.
Density’s device counts people by tracking movement. API available Image: Density.io
Bark is an internet safety platform that allows parents and schools to help keep their children safe online. The Bark REST API allows developers to access and integrate the functionality of Bark with other applications. The main API method is returning safety messages from the Bark platform.
Video: YouTube/Bark
VirusTotal is a malware detection service and maintains a blacklist of files and URLs known to be harmful. Users can upload files or submit URLs to VirusTotal to be scanned for worms, viruses, trojans, and more. The VirusTotal Private REST API exposes the information generated by its scanners to developers for integration and third-party access. The API is available with account service, is REST-based and includes methods for retrieving scan reports, uploading files for scans, and managing URLs to scan, plus more.
Threat Connect provides threat intelligence services to companies and organizations. The Threat Connect API integrates intelligent analytics to detect threats. With the API, developers can implement cyber defense measures, plus query account holders, threat observations, groups, campaigns, incidents, documents, victims and more.
Elastic Beam announced their flagship security product during June, 2017, API Behavioral Security (ABS). It’s not actually an API, but ABS is Artificial Intelligence powered solution that claims to be able to detect and block cyberattacks that target APIs.
Another product for protecting APIs is the Distil Networks Bot Defense for API, a service that protects API servers from bots by determining whether a browser is present, and if a human is using a verified browser or mobile device to gain access.
BackgroundCheck REST API is a source of background screening records, including criminal records, addresses, court documents, and more. The API can be accessed and integrated with other applications
NSnitch provides a DNS server which records the IP address of requests made against it and then makes that IP available via JSON API. Developers can get more complete picture of their DNS privacy and security settings with this API.
Домой
United States
USA — software ProgrammableWeb's Most Interesting APIs in 2017: Security and Privacy