apidays London 2023 - Advanced AI-powered API Security, Ricky Moorhouse (IBM) & Filip Verloy (Noname Security)

apidays
apidaysapidays
Advanced API Security Filip Verloy Field CTO, Noname Security Ricky Moorhouse Cloud Architect, API Connect, IBM
API Security is a superhuman problem. It requires Machine Learning to solve. Learn more 15,564 76% 37 days The 2022 API Security Trends Report Whitepaper Average number of Production Enterprise APIs of organizations experienced a security breach in the past year 27 days for discovery 10 days for remediation per incident 2
3 Development Secure at Runtime Analyze Behavior Manage Design Test Discover unmanaged Control Access Protect Endpt Validate content Limit rate Detect Notify Mediate / Stop attack Predict Continuous Monitor Security capabilities across the API lifecycle © 2023 IBM Corporation API Lifecycle Security policy
IBM API Connect powers digital applications by unlocking business data and assets as APIs IBM API Connect Socialize Empower application developers to explore and consume your APIs using branded self-service portals Secure Easily apply built-in and extensible policies to secure, control and mediate the delivery of APIs protecting data and business assets Create Automatically create APIs to expose data, microservices, enterprise applications, and SaaS services using open standards Manage Rapidly organize, publish and analyze any API through the full lifecycle from design to retire
Gateway 5 IBM DataPower Gateway is an industry leading, high security gateway for modern, traditional and hybrid cloud workloads Secure Easily apply built-in and extensible policies to secure access to a full range of API, Mobile, Web, SOA, B2B, and Cloud workloads at all stages. Integrate Combine modern event-based and API workloads with traditional services with advanced protocol bridging and message transformation support. Control Protect applications from over utilization with traffic control and quota enforcements. Optimize Improve response times and throughput by controlling message traffic with application caching and advanced routing.
IBM DataPower 6 Provide security, control, integration and optimized access to enterprise business process TLS Termination AAA Token exchange Message protection Message transform, rate limit & many others Harden capabilities in Gateway to make it an excellent Policy Enforcement Point
IBM DataPower 7 Provide security, control, integration and optimized access to enterprise business process TLS Termination AAA Token exchange Message protection Message transform, rate limit & many others Harden capabilities in Gateway to make it an excellent Policy Enforcement Point Record ML Policy Decision Point Rules IP Cookie Header Query
Detect and block API attacks with real-time traffic analysis powered by machine learning Uncover vulnerabilities and misconfigurations to speed remediation and ensure compliance Runtime API Security Posture Management Augment IBM API Connect & DataPower with Advanced API Security powered by Machine Learning Locate and inventory all of your APIs regardless of configuration Discovery Extend API Connect and DataPower (API Gateway)’s already powerful enterprise-grade performance and security with new Discovery, Posture Management and runtime Behavioral Threat Detection, powered by Noname Security. 8
It is as easy as dropping a policy at the API assembly step 9
Gateway Noname Advanced API Security Policy Noname Advanced API Security Policy How it Works – High Level Architecture API Consumers Protection Rules Analytics Records API definitions & Application Details API Call Information ML Policy Decision Point
Records
Rules
OOTB OWASP TOP 10
Categorize Data (e.g. PII)
| © Noname Security. All rights reserved 15 Deployment - SaaS SaaS Deployment
| © Noname Security. All rights reserved 16 OnPrem Deployment
17 Noname Advanced API Security for IBM
Learn more 01 Explore the product 02 Explore the partnership 03 Visit the IBM booth Talk to an SME, see a demo, or check out a 10-minute SmartTalk 18 ibm.biz/api-security nonamesecurity.com/ibm
Backup 19
IBM DataPower Interne t Consumer Mobile Consumer Cloud Apps & Services Firewall / Load Balancer Application Application System z Mobile Application Server Application Provide security, control, integration and optimized access to enterprise business process TLS Termination AAA Token exchange Message protection Message transform, rate limit & many others Harden capabilities in Gateway to make it an excellent Policy Enforcement Point
IBM DataPower Interne t Consumer Mobile Consumer Cloud Apps & Services Firewall / Load Balancer Application Application System z Mobile Application Server Application Record ML Policy Decision Point Rules IP Cookie Header Query Provide security, control, integration and optimized access to enterprise business process TLS Termination AAA Token exchange Message protection Message transform, rate limit & many others
IBM API Connect powers digital applications by unlocking business data and assets as APIs IBM API Connect Socialize Empower application developers to explore and consume your APIs using branded self-service portals Secure Easily apply built-in and extensible policies to secure, control and mediate the delivery of APIs protecting data and business assets Create Automatically create APIs to expose data, microservices, enterprise applications, and SaaS services using open standards Manage Rapidly organize, publish and analyze any API through the full lifecycle from design to retire
IBM API Connect Interne t Consumer Mobile Consumer Cloud Apps & Services Firewall / Load Balancer Application Application System z Mobile Application Server Application Runtime api information API Definition(security, schema ..) Application information (credential ..) Provide a full life cycle API management solution
IBM API Connect Interne t Consumer Mobile Consumer Cloud Apps & Services Firewall / Load Balancer Application Application System z Mobile Application Server Application Runtime api information API Definition(security, schema ..) Application information (credential ..) Provide a full life cycle API management solution ML Policy Decision Point IP Cookie Header Query Record Noname API Advanced Security Policy Noname API Advanced Security Policy Rules
IBM API Connect powers digital applications by unlocking business data and assets as APIs API Management Socialize Empower application developers to explore and consume your APIs using branded self-service portals Secure Easily apply built-in and extensible policies to secure, control and mediate the delivery of APIs protecting data and business assets Create Automatically create APIs to expose data, microservices, enterprise applications, and SaaS services using open standards Manage Rapidly organize, publish and analyze any API through the full lifecycle from design to retire 2 © 2023 IBM Corporation
Gateway 26 IBM DataPower Gateway is an industry leading, high security gateway for modern, traditional and hybrid cloud workloads Secure Easily apply built-in and extensible policies to secure access to a full range of API, Mobile, Web, SOA, B2B, and Cloud workloads at all stages. Integrate Combine modern event-based and API workloads with traditional services with advanced protocol bridging and message transformation support. Control Protect applications from over utilization with traffic control and quota enforcements. Optimize Improve response times and throughput by controlling message traffic with application caching and advanced routing.
Noname Security extends the capabilities of IBM DataPower and IBM API Connect to enable organizations to provide advanced security of APIs throughout their lifecycle. Find API security issues faster Intelligently identify and prioritize potential vulnerabilities. Remediate manually, semi- automatically or fully- automatically. Discover the unmanaged Catch vulnerabilities and issues earlier, and prioritize based on impact to reduce remediation costs. Ensure compliance Continuously monitor for compliance with regulatory requirements, industry standards and internal policies. See through the noise Conduct real-time traffic analysis with automated AI and machine learning detection, and use automated remediation to stop attacks in real time. Intelligent asset management
1 of 27

apidays London 2023 - Advanced AI-powered API Security, Ricky Moorhouse (IBM) & Filip Verloy (Noname Security)

Download to read offline
Data & Analytics

apidays London 2023 - APIs for Smarter Platforms and Business Processes September 13 & 14, 2023 Advanced AI-powered API Security Ricky Moorhouse, Cloud Architect at IBM API Connect Filip Verloy, Field CTO at Noname Security ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

apidays
apidaysapidays

Recommended

Enterprise API deployment best practiceEnterprise API deployment best practice
Enterprise API deployment best practiceSanjay Roy
1.5K views20 slides
2015/06/12 - IBM Systems & Middleware - IBM DataPower and API Management2015/06/12 - IBM Systems & Middleware - IBM DataPower and API Management
2015/06/12 - IBM Systems & Middleware - IBM DataPower and API ManagementRui Santos
2.3K views22 slides
Platform for Secure Digital BusinessPlatform for Secure Digital Business
Platform for Secure Digital BusinessAkana
1.3K views58 slides
IBM DataPower Gateway - Common Use CasesIBM DataPower Gateway - Common Use Cases
IBM DataPower Gateway - Common Use CasesIBM DataPower Gateway
97.5K views91 slides
Datapowercommonusecases 130509114200-phpapp02Datapowercommonusecases 130509114200-phpapp02
Datapowercommonusecases 130509114200-phpapp02Krystel Hery
254 views91 slides
Datapowercommonusecases 130509114200-phpapp02Datapowercommonusecases 130509114200-phpapp02
Datapowercommonusecases 130509114200-phpapp02Cristina Garrido Lema
223 views91 slides

More Related Content

Similar to apidays London 2023 - Advanced AI-powered API Security, Ricky Moorhouse (IBM) & Filip Verloy (Noname Security)

Similar to apidays London 2023 - Advanced AI-powered API Security, Ricky Moorhouse (IBM) & Filip Verloy (Noname Security) (20)

Developing Modern Applications in the CloudDeveloping Modern Applications in the Cloud
Developing Modern Applications in the Cloud
Cobus Bernard107 views
Becoming an interconnected enterpriseBecoming an interconnected enterprise
Becoming an interconnected enterprise
Warba Insurance Co Kuwait949 views
APIC/DataPower securityAPIC/DataPower security
APIC/DataPower security
Shiu-Fun Poon1.6K views
Gateway/APIC securityGateway/APIC security
Gateway/APIC security
Shiu-Fun Poon1.9K views
5 pillars of API Management5 pillars of API Management
5 pillars of API Management
James Farley-Sutton371 views
5 Pillars of API Management5 Pillars of API Management
5 Pillars of API Management
Rich Graham611 views
5 Pillars of API Management5 Pillars of API Management
5 Pillars of API Management
Sebastian Gyhlenius289 views
apidays Helsinki & North 2023 - API Security in the era of Generative AI, Mat...apidays Helsinki & North 2023 - API Security in the era of Generative AI, Mat...
apidays Helsinki & North 2023 - API Security in the era of Generative AI, Mat...
apidays83 views
Api management customerApi management customer
Api management customer
nick_garrod517 views
CA API GatewayCA API Gateway
CA API Gateway
James Farley-Sutton379 views
DevSecOps: Integrating security into pipelines - SDD310 - AWS re:Inforce 2019 DevSecOps: Integrating security into pipelines - SDD310 - AWS re:Inforce 2019
DevSecOps: Integrating security into pipelines - SDD310 - AWS re:Inforce 2019
Amazon Web Services930 views
IBM InterConnect 2013 Cloud General Session: Jamie ThomasIBM InterConnect 2013 Cloud General Session: Jamie Thomas
IBM InterConnect 2013 Cloud General Session: Jamie Thomas
IBM Events5.1K views
Developing Modern Applications in the CloudDeveloping Modern Applications in the Cloud
Developing Modern Applications in the Cloud
Amazon Web Services598 views
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...
IBM Security1.7K views
Surviving the Mobile Phenomenon: Protecting Devices without Disrupting the Us...Surviving the Mobile Phenomenon: Protecting Devices without Disrupting the Us...
Surviving the Mobile Phenomenon: Protecting Devices without Disrupting the Us...
IBM Security1.3K views
Integrating network and API security into your application lifecycle - DEM07 ...Integrating network and API security into your application lifecycle - DEM07 ...
Integrating network and API security into your application lifecycle - DEM07 ...
Amazon Web Services492 views
Mitigate attacks with IBM BigFix and Q-RadarMitigate attacks with IBM BigFix and Q-Radar
Mitigate attacks with IBM BigFix and Q-Radar
Francisco González Jiménez1.9K views
Cyber threatsCyber threats
Cyber threats
Sonia Baratas Alves262 views
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadarDon’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
IBM Security4K views
IBM Maas360 with WatsonIBM Maas360 with Watson
IBM Maas360 with Watson
BuyOnCloud Software Service (P) Ltd.202 views

More from apidays

More from apidays(20)

apidays Australia - The Swiss Cheese Model of Layered API Security, Leon Andr...apidays Australia - The Swiss Cheese Model of Layered API Security, Leon Andr...
apidays Australia - The Swiss Cheese Model of Layered API Security, Leon Andr...
apidays45 views
apidays Australia - No API is an island, Erik Tveitnes, REAapidays Australia - No API is an island, Erik Tveitnes, REA
apidays Australia - No API is an island, Erik Tveitnes, REA
apidays36 views
apidays Australia - How We Built Our Generative AI Assistant; New Relic Grok,...apidays Australia - How We Built Our Generative AI Assistant; New Relic Grok,...
apidays Australia - How We Built Our Generative AI Assistant; New Relic Grok,...
apidays57 views
apidays Australia - Discovering APIs And More With An Internal Developer Port...apidays Australia - Discovering APIs And More With An Internal Developer Port...
apidays Australia - Discovering APIs And More With An Internal Developer Port...
apidays35 views
Using APIs in a Design Thinking Approach to Problem Solving.pdfUsing APIs in a Design Thinking Approach to Problem Solving.pdf
Using APIs in a Design Thinking Approach to Problem Solving.pdf
apidays26 views
apidays Australia - Transforming Your Network To Secure, Control And Observe ...apidays Australia - Transforming Your Network To Secure, Control And Observe ...
apidays Australia - Transforming Your Network To Secure, Control And Observe ...
apidays26 views
apidays Australia - Consuming And Building APIs During Hackathons, William Mc...apidays Australia - Consuming And Building APIs During Hackathons, William Mc...
apidays Australia - Consuming And Building APIs During Hackathons, William Mc...
apidays11 views
apidays Australia - Building On-Premise Hybrid API Platforms, David Freeman, ...apidays Australia - Building On-Premise Hybrid API Platforms, David Freeman, ...
apidays Australia - Building On-Premise Hybrid API Platforms, David Freeman, ...
apidays15 views
apidays Australia - Enable Faster Delivery With Collaborative Platform Teams,...apidays Australia - Enable Faster Delivery With Collaborative Platform Teams,...
apidays Australia - Enable Faster Delivery With Collaborative Platform Teams,...
apidays28 views
apidays Australia - Building Trust Brick by Brick, Dasith Wijesiriwardena, Ju...apidays Australia - Building Trust Brick by Brick, Dasith Wijesiriwardena, Ju...
apidays Australia - Building Trust Brick by Brick, Dasith Wijesiriwardena, Ju...
apidays39 views
apidays Australia - The Playful Bond Between REST And Data Streams, Warren Ve...apidays Australia - The Playful Bond Between REST And Data Streams, Warren Ve...
apidays Australia - The Playful Bond Between REST And Data Streams, Warren Ve...
apidays35 views
apidays Australia - Unlocking The Power: The Importance Of API Registration, ...apidays Australia - Unlocking The Power: The Importance Of API Registration, ...
apidays Australia - Unlocking The Power: The Importance Of API Registration, ...
apidays16 views
apidays Australia - API Strategy In The Era Of Generative AI,Shreshta Shyamsu...apidays Australia - API Strategy In The Era Of Generative AI,Shreshta Shyamsu...
apidays Australia - API Strategy In The Era Of Generative AI,Shreshta Shyamsu...
apidays59 views
apidays London 2023 - How APIs support the democratization of FAIR data and d...apidays London 2023 - How APIs support the democratization of FAIR data and d...
apidays London 2023 - How APIs support the democratization of FAIR data and d...
apidays67 views
apidays London 2023 - Revolutionising fitness and well-being, David Turner, V...apidays London 2023 - Revolutionising fitness and well-being, David Turner, V...
apidays London 2023 - Revolutionising fitness and well-being, David Turner, V...
apidays31 views
apidays London 2023 - Let's make "true" impact happen!, Sandra Sydow, Climate...apidays London 2023 - Let's make "true" impact happen!, Sandra Sydow, Climate...
apidays London 2023 - Let's make "true" impact happen!, Sandra Sydow, Climate...
apidays22 views
apidays London 2023 - 7 pillars of an API Factory, Patrick Brosse, Amadeusapidays London 2023 - 7 pillars of an API Factory, Patrick Brosse, Amadeus
apidays London 2023 - 7 pillars of an API Factory, Patrick Brosse, Amadeus
apidays47 views
apidays London 2023 - Meeting Relentless Business Change in a Post API Econom...apidays London 2023 - Meeting Relentless Business Change in a Post API Econom...
apidays London 2023 - Meeting Relentless Business Change in a Post API Econom...
apidays16 views
apidays London 2023 - Overengineering Weakens your API Security, Dr. David Va...apidays London 2023 - Overengineering Weakens your API Security, Dr. David Va...
apidays London 2023 - Overengineering Weakens your API Security, Dr. David Va...
apidays37 views
apidays London 2023 - When to soar and when to dive, Claire Barrett, APIsFirst apidays London 2023 - When to soar and when to dive, Claire Barrett, APIsFirst
apidays London 2023 - When to soar and when to dive, Claire Barrett, APIsFirst
apidays20 views

Recently uploaded

PROGRAMME.pdfPROGRAMME.pdf
PROGRAMME.pdfHiNedHaJar
14 views13 slides

Recently uploaded(20)

UNEP FI CRS Climate Risk Results.pptxUNEP FI CRS Climate Risk Results.pptx
UNEP FI CRS Climate Risk Results.pptx
pekka2811 views
Organic Shopping in Google Analytics 4.pdfOrganic Shopping in Google Analytics 4.pdf
Organic Shopping in Google Analytics 4.pdf
GA4 Tutorials8 views
Launch of the Knowledge Exchange Platform - Romina Boarini - 21 November 2023Launch of the Knowledge Exchange Platform - Romina Boarini - 21 November 2023
Launch of the Knowledge Exchange Platform - Romina Boarini - 21 November 2023
StatsCommunications55 views
Short Story Assignment by Kelly NguyenShort Story Assignment by Kelly Nguyen
Short Story Assignment by Kelly Nguyen
kellynguyen0114 views
PROGRAMME.pdfPROGRAMME.pdf
PROGRAMME.pdf
HiNedHaJar14 views
PTicketInput.pdfPTicketInput.pdf
PTicketInput.pdf
stuartmcphersonflipm314 views
How Leaders See Data? (Level 1)How Leaders See Data? (Level 1)
How Leaders See Data? (Level 1)
Narendra Narendra10 views
Understanding Hallucinations in LLMs - 2023 09 29.pptxUnderstanding Hallucinations in LLMs - 2023 09 29.pptx
Understanding Hallucinations in LLMs - 2023 09 29.pptx
Greg Makowski10 views
Supercharging your Data with Azure AI Search and Azure OpenAISupercharging your Data with Azure AI Search and Azure OpenAI
Supercharging your Data with Azure AI Search and Azure OpenAI
Peter Gallagher35 views
Data structure and algorithm. Data structure and algorithm.
Data structure and algorithm.
Abdul salam 12 views
Survey on Factuality in LLM's.pptxSurvey on Factuality in LLM's.pptx
Survey on Factuality in LLM's.pptx
NeethaSherra15 views
RuleBookForTheFairDataEconomy.pptxRuleBookForTheFairDataEconomy.pptx
RuleBookForTheFairDataEconomy.pptx
noraelstela166 views
Journey of Generative AIJourney of Generative AI
Journey of Generative AI
thomasjvarghese4918 views
ColonyOSColonyOS
ColonyOS
JohanKristiansson69 views
Microsoft Fabric.pptxMicrosoft Fabric.pptx
Microsoft Fabric.pptx
Shruti Chaurasia19 views
MOSORE_BRESCIAMOSORE_BRESCIA
MOSORE_BRESCIA
Federico Karagulian5 views
Building Real-Time Travel AlertsBuilding Real-Time Travel Alerts
Building Real-Time Travel Alerts
Timothy Spann102 views
Cross-network in Google Analytics 4.pdfCross-network in Google Analytics 4.pdf
Cross-network in Google Analytics 4.pdf
GA4 Tutorials6 views
RIO GRANDE SUPPLY COMPANY INC, JAYSON.docxRIO GRANDE SUPPLY COMPANY INC, JAYSON.docx
RIO GRANDE SUPPLY COMPANY INC, JAYSON.docx
JaysonGarabilesEspej6 views
Vikas 500 BIG DATA TECHNOLOGIES LAB.pdfVikas 500 BIG DATA TECHNOLOGIES LAB.pdf
Vikas 500 BIG DATA TECHNOLOGIES LAB.pdf
vikas126116188 views

apidays London 2023 - Advanced AI-powered API Security, Ricky Moorhouse (IBM) & Filip Verloy (Noname Security)

  • 1. Advanced API Security Filip Verloy Field CTO, Noname Security Ricky Moorhouse Cloud Architect, API Connect, IBM
  • 2. API Security is a superhuman problem. It requires Machine Learning to solve. Learn more 15,564 76% 37 days The 2022 API Security Trends Report Whitepaper Average number of Production Enterprise APIs of organizations experienced a security breach in the past year 27 days for discovery 10 days for remediation per incident 2
  • 3. 3 Development Secure at Runtime Analyze Behavior Manage Design Test Discover unmanaged Control Access Protect Endpt Validate content Limit rate Detect Notify Mediate / Stop attack Predict Continuous Monitor Security capabilities across the API lifecycle © 2023 IBM Corporation API Lifecycle Security policy
  • 4. IBM API Connect powers digital applications by unlocking business data and assets as APIs IBM API Connect Socialize Empower application developers to explore and consume your APIs using branded self-service portals Secure Easily apply built-in and extensible policies to secure, control and mediate the delivery of APIs protecting data and business assets Create Automatically create APIs to expose data, microservices, enterprise applications, and SaaS services using open standards Manage Rapidly organize, publish and analyze any API through the full lifecycle from design to retire
  • 5. Gateway 5 IBM DataPower Gateway is an industry leading, high security gateway for modern, traditional and hybrid cloud workloads Secure Easily apply built-in and extensible policies to secure access to a full range of API, Mobile, Web, SOA, B2B, and Cloud workloads at all stages. Integrate Combine modern event-based and API workloads with traditional services with advanced protocol bridging and message transformation support. Control Protect applications from over utilization with traffic control and quota enforcements. Optimize Improve response times and throughput by controlling message traffic with application caching and advanced routing.
  • 6. IBM DataPower 6 Provide security, control, integration and optimized access to enterprise business process TLS Termination AAA Token exchange Message protection Message transform, rate limit & many others Harden capabilities in Gateway to make it an excellent Policy Enforcement Point
  • 7. IBM DataPower 7 Provide security, control, integration and optimized access to enterprise business process TLS Termination AAA Token exchange Message protection Message transform, rate limit & many others Harden capabilities in Gateway to make it an excellent Policy Enforcement Point Record ML Policy Decision Point Rules IP Cookie Header Query
  • 8. Detect and block API attacks with real-time traffic analysis powered by machine learning Uncover vulnerabilities and misconfigurations to speed remediation and ensure compliance Runtime API Security Posture Management Augment IBM API Connect & DataPower with Advanced API Security powered by Machine Learning Locate and inventory all of your APIs regardless of configuration Discovery Extend API Connect and DataPower (API Gateway)’s already powerful enterprise-grade performance and security with new Discovery, Posture Management and runtime Behavioral Threat Detection, powered by Noname Security. 8
  • 9. It is as easy as dropping a policy at the API assembly step 9
  • 10. Gateway Noname Advanced API Security Policy Noname Advanced API Security Policy How it Works – High Level Architecture API Consumers Protection Rules Analytics Records API definitions & Application Details API Call Information ML Policy Decision Point
  • 12. Rules
  • 15. | © Noname Security. All rights reserved 15 Deployment - SaaS SaaS Deployment
  • 16. | © Noname Security. All rights reserved 16 OnPrem Deployment
  • 18. Learn more 01 Explore the product 02 Explore the partnership 03 Visit the IBM booth Talk to an SME, see a demo, or check out a 10-minute SmartTalk 18 ibm.biz/api-security nonamesecurity.com/ibm
  • 20. IBM DataPower Interne t Consumer Mobile Consumer Cloud Apps & Services Firewall / Load Balancer Application Application System z Mobile Application Server Application Provide security, control, integration and optimized access to enterprise business process TLS Termination AAA Token exchange Message protection Message transform, rate limit & many others Harden capabilities in Gateway to make it an excellent Policy Enforcement Point
  • 21. IBM DataPower Interne t Consumer Mobile Consumer Cloud Apps & Services Firewall / Load Balancer Application Application System z Mobile Application Server Application Record ML Policy Decision Point Rules IP Cookie Header Query Provide security, control, integration and optimized access to enterprise business process TLS Termination AAA Token exchange Message protection Message transform, rate limit & many others
  • 22. IBM API Connect powers digital applications by unlocking business data and assets as APIs IBM API Connect Socialize Empower application developers to explore and consume your APIs using branded self-service portals Secure Easily apply built-in and extensible policies to secure, control and mediate the delivery of APIs protecting data and business assets Create Automatically create APIs to expose data, microservices, enterprise applications, and SaaS services using open standards Manage Rapidly organize, publish and analyze any API through the full lifecycle from design to retire
  • 23. IBM API Connect Interne t Consumer Mobile Consumer Cloud Apps & Services Firewall / Load Balancer Application Application System z Mobile Application Server Application Runtime api information API Definition(security, schema ..) Application information (credential ..) Provide a full life cycle API management solution
  • 24. IBM API Connect Interne t Consumer Mobile Consumer Cloud Apps & Services Firewall / Load Balancer Application Application System z Mobile Application Server Application Runtime api information API Definition(security, schema ..) Application information (credential ..) Provide a full life cycle API management solution ML Policy Decision Point IP Cookie Header Query Record Noname API Advanced Security Policy Noname API Advanced Security Policy Rules
  • 25. IBM API Connect powers digital applications by unlocking business data and assets as APIs API Management Socialize Empower application developers to explore and consume your APIs using branded self-service portals Secure Easily apply built-in and extensible policies to secure, control and mediate the delivery of APIs protecting data and business assets Create Automatically create APIs to expose data, microservices, enterprise applications, and SaaS services using open standards Manage Rapidly organize, publish and analyze any API through the full lifecycle from design to retire 2 © 2023 IBM Corporation
  • 26. Gateway 26 IBM DataPower Gateway is an industry leading, high security gateway for modern, traditional and hybrid cloud workloads Secure Easily apply built-in and extensible policies to secure access to a full range of API, Mobile, Web, SOA, B2B, and Cloud workloads at all stages. Integrate Combine modern event-based and API workloads with traditional services with advanced protocol bridging and message transformation support. Control Protect applications from over utilization with traffic control and quota enforcements. Optimize Improve response times and throughput by controlling message traffic with application caching and advanced routing.
  • 27. Noname Security extends the capabilities of IBM DataPower and IBM API Connect to enable organizations to provide advanced security of APIs throughout their lifecycle. Find API security issues faster Intelligently identify and prioritize potential vulnerabilities. Remediate manually, semi- automatically or fully- automatically. Discover the unmanaged Catch vulnerabilities and issues earlier, and prioritize based on impact to reduce remediation costs. Ensure compliance Continuously monitor for compliance with regulatory requirements, industry standards and internal policies. See through the noise Conduct real-time traffic analysis with automated AI and machine learning detection, and use automated remediation to stop attacks in real time. Intelligent asset management