Multi-layer API security with Apigee and Google Cloud Armor

Serving up data from Cloud Storage
March 13, 2021
Feature Spotlight: Fully Custom Role-Based Access Control
March 15, 2021
Serving up data from Cloud Storage
March 13, 2021
Feature Spotlight: Fully Custom Role-Based Access Control
March 15, 2021

Information security has become headline news on a daily basis. You have probably heard of security risks ranging from malicious bots used in schemes both big and small, to all-out “software supply chain attacks” that involve large-name enterprises and their customers, and that ultimately affect numerous governments, organizations, and people.

As businesses expand their digital programs to serve their customers via online channels and to operate from anywhere with a global remote workforce, such security attacks are expected to become more common. Because application programming interfaces (APIs) are fundamental components of an enterprises’ digital programs, connecting the data and functionality that power various apps and services, they are also vectors of malicious attacks–as well as sources of insights that enterprises can use to better understand attack patterns and how to thwart them. Our State of the API Economy 2021 report found a 172% rise in abusive traffic and a 230% increase in enterprises’ use of anomaly detection, bot protection, and security analytics features.

As agile, smart, and proactive digital security mechanisms have become the cost of doing business, API security has become an indispensable part of an enterprise’s IT security portfolio–and as this article explores, our recent release of Apigee X makes API security even more powerful.

Multi-layer API security with Apigee and Google Cloud Armor

APIs are the doors to various digital assets–and every door needs a lock to keep what’s behind it safe and protected from unauthorized access. Therefore, to help organizations secure APIs to the highest level, Google Cloud has brought together Apigee and Cloud Armor, combining industry-leading API management and web application firewall technologies. With Apigee X, the latest release of Google Cloud’s full lifecycle API management platform, customers can easily and seamlessly apply Cloud Armor web application firewall (WAF) to APIs, adding another layer of security to ensure that corporate digital assets are accessed only by authorized users.

For companies such as AccuWeather, a global leader in weather data and forecasting, APIs have been essential to both building new applications and monetizing data and functionality for outside developers, so those communities can innovate with AccuWeather assets as well. With this new expanded surface area from their APIs, AccuWeather needed robust security to manage and secure its digital assets.

“Over the last decade, AccuWeather has continued to transform as a digital solution for serving business customers with the most accurate and useful weather information using APIs. With Apigee’s strategic partnership and comprehensive API management platform, we were able to design, develop, and launch our industry-leading APIs in a few short weeks.” said Chris Patti, Chief Technology Officer at AccuWeather. “Today, we serve over 50 billion API calls per day. As many organizations embrace their own digital solutions, they are increasingly adopting API-first strategies for accelerated transformation. With the new Apigee X release, we can foresee furthering our API programs with the best of Google capabilities like reCaptcha, Cloud Armor, and Content Delivery Network (CDN) for global scale, performance and security.”

Apigee and Cloud Armor together help secure your APIs at multiple levels.

Leave a Reply

Your email address will not be published. Required fields are marked *