The move to SaaS replacements for desktop applications combined with the popularity of social networking and personal ﬁnance websites, has led to an increasing amount of private user data being accumulated in the cloud. According to the Open Security Foundation, 14% of data theft occurs through web services. With an estimated $1.2 billion in losses in 2008, these data leaks are not only embarrassing, they are costly.
Only Stratus offers the API Firewall™ that gives your APIs the ultimate protection from misuse, abuse, and potential data loss and theft.
Ensuring that only authorized users have access to your APIs is essential. Stratus helps you manage end-user authentication, allowing your customers to self-register but also providing workﬂow for administrators to grant and revoke end-user access. Full audit logs are available, and Stratus also provides rate limiting functionality so that an especially energetic partner doesn't use up too many resources and make your service unavailable for other customers.
Application Threat Protection
Web services APIs are vulnerable to similar attacks as traditional web applications. Your APIs must be protected from the possibility of data leakage or theft by enforcing authentication and authorization in complex environments. In addition to protecting against malicious injection (SQL, LDAP, XPath) which can lead to information disclosure, only Stratus offers advanced threat protection like hardened schema validation and outbound ﬁltering that prevents your APIs from giving up valuable data to attackers.
Denial of Service
Stratus protects against both traditional Denial of Service (DoS) attacks, where an attacker ﬂoods your API with illegitimate requests denying access to real users, as well as the more advanced XML DoS (XDoS) attacks. With the introduction of XML processing, web services APIs are especially vulnerable to specially crafted attacks targeted at the XML parser. The Stratus API Firewall™ sits in front of your APIs and protects against XDoS attacks, while also offering traditional DoS protection features like IP ﬁltering, helping you guarantee the availability of your services for your customers.