Data-driven API security.
Resurface captures real API traffic data for insights into attacks and threats.
Runtime data capture
API traffic details across all REST and GraphQL attributes
Hot data layer for immediate retroactive analysis
Continuous API scanning
Resurface is continuous API security, scanning all API traffic at runtime for active attacks and threats.
Resurface captures API details to immediately distinguish valid traffic from malicious actions, adding active API intelligence to your security stack. Think of Resurface as a “security analyst in a box,” automating API security by detecting and alerting on zero-day attacks and threats.
APIs are under attack.
70% of API traffic is malicious
APIs are unknown.
1/2 of APIs are unmanaged
Limited API security skills.
#1 API security concern is lack of expertise
Firewalls and gateways are not enough. Attackers can appear as users and penetrate the perimeter. Internal users and partners bypass firewalls and can directly access microservices without inspection. Resurface continuously scans API traffic to detect attack traffic from valid users before it reaches your applications.
Comprehensive API data capture
Resurface captures complete request and response detail, creating a readily accessible datastore for attack detection, fast triage, and threat intelligence.
Get aggregated and individual API call details across all your APIs, mapped to security and quality rules.
Use Case: FinTech
Broken Object Level Authorization (BOLA), API parameter tampering, session hijacking, and other exploit types.
Resurface continuously scans all request and response payloads from every endpoint in real time, giving you the data necessary to understand and expose potentially malicious traffic. Using these complete datasets, you can uncover, triage, and retroactively assess API anomalies like unchecked access for user IDs, unvalidated URL parameters, and missing HTTPS in sessions.
Continuous API scanning
Resurface continuously scans API traffic at runtime to detect and alert before attackers can extract data or proceed with an exploit.
Pre-configured signatures identify common threats and API failures. Alerts work with common communication tools like Slack, Teams, Gchat, JIRA or via webhooks. Automatic deduplication reduces alert fatigue.
Use Case: Health Tech
Insufficient authentication mechanisms, exposure of hardcoded API keys, and lack of certificate pinning.
Resurface continuously scans all request and response payloads from every endpoint in real time, supporting your ability to dig deep into data to discover anomalies like multiple password attempts, transmission of unencrypted API keys, and continued use of compromised certificates.
Retroactive analysis
Resurface powers threat intelligence with a hot data layer for immediate retroactive analysis.
Detect a zero-day issue, and search all API calls retroactively to identify patterns and track actions.
Use Case: Enterprise Tech
Hard-coded API keys, deprecated APIs still accessible, object-level authorization.
Resurface continuously scans all request and response payloads from every endpoint in real time, supporting your cybersecurity program with data on potentially malicious traffic in development, production, and retroactive assessment. Using these datasets, security teams uncover and mitigate insecure API coding practices, insufficient parameter validation, anomalous traffic patterns, and more.