TMCnet News
SecureIQLab Releases the First-Ever "Secure-by-Design" Web Application & API Protection (WAAP) Public Test ReportAUSTIN, Texas, May 9, 2024 /PRNewswire/ -- SecureIQLab LLC, a leading provider of cloud security validation solutions, proudly announces the release of the first-ever Web Application & API Protection (WAAP) test to include the quantification of the critical secure-by-design and operational efficiency metrics.
SecureIQLab Releases the First-Ever "Secure-by-Design" Web Application & API Protection (WAAP) Public Test Report. According to Jay Pathak, SecureIQLab's Chief Scientist, "Security products have come under increasing fire by cyber-criminals and nation-states. Without enforcing a secure-by-design approach, if a security product is compromised, the assurance of safeguarding everything the solution is intended to protect becomes uncertain." David Ellis, SecureIQab's Vice President of Research and Corporate Relations, added, "Without operational efficiency (OE) metrics, enterprises will not be able to accurately assess the true Return on Security Investment (ROSI) of a solution until it's too late. OE determines how many resources will be required to manage and maintain a cloud WAAP solution." Operational efficiency metrics are critical to enterprises that want to assess the resource impact of a solution in day-to-day operations in addition to upfront and support costs. This critical piece of information is necessary for the actual total cost of ownership (TCO) to be determined. Tested vendors include Airlock, Akamai, Amazon AWS, Barracuda, Cloudflare, F5, Fastly, Fortinet, Google, Imperva, Microsoft Azure, Prophaze, Radware, Ubika, and WallArm. Each vendor's solution was tested against 11 security categories, including over 3,500 attacks. These attacks include attacks from the OWASP top ten as well as advanced attacks not covered by OWASP. The operational efficiency metrics measurements for each solution were derived from five areas with 39 features and functions evaluated. These five areas include Ease of Deployment, Ease of Management, Ease of Risk Management, Scalable & Elastic Capabilities, and Logging & Auditing Capabilities. While extremely important, the balance between operational efficiency and security efficacy is paramount. As Randy Abrams, Senior security analyst, observed, "Virtually the entire internet and enterprise applications are API driven. When an API is compromised, everything from data input to processing to output can be altered. The exploitation of APIs is an insidious attack vector against web applications." The SecureIQLab WAAP comparative report and individual reports can be found here. Media Contact:
SOURCE SecureIQlab 
|
View original content to download multimedia: