FireTail presented at the BlackHat Europe open source Arsenal in December 2022, showcasing our open source code library for real-time, inline API security checking.
Specifically, we showcased our API security library as open source for the first time at a European event.
FireTail sits on top of popular open source frameworks for building web services and APIs, like OpenAPI/Swagger, Express and Rails, and then provides in-line security processing of the API calls. FireTail checks for (in sequential order):
1. API call is hitting a valid route using a valid method. This allows for a zero-trust, declarative API structure, with proper error handling at the HTTP layer.
2. Inspection of authentication token. Does the API expect a JWT, application-issued API key or other? FireTail will check whether a valid token of the correct type is present.
3. Payload inspection. FireTail will look for and fail invalid API queries.
One consistent challenge that security teams have expressed is the lack of standardization or centralization of API logs. FireTail has now created a standardized log format, common to all 3 currently available code languages. FireTail also offers the ability to send these logs to a central location, either locally, on a private network, or to a cloud service.
Past companies and tools exhibited at the BlackHat Arsenal include open source tools that have become part of the everyday conversation for security practitioners.
See the details on FireTail's session at Blackhat Arsenal here.
Visit FireTail for more information. We'll also be sharing the recording of the Arsenal demo with you very soon!
Join FireTail at Infosecurity Europe in London to learn more about API security and FireTail’s approach to helping organizations eliminate API vulnerabilities with a hybrid approach to API security
We are delighted to announce that FireTail has been included in the CyberTech100 list for 2023. The CyberTech100 is an annual evaluation of the top 100 most innovative CyberTech companies worldwide.