APITIGHT protects API-based communications from cyber threats and empowers multiple stakeholders, including IT security, DevOps, and application developers, to deploy and manage API security.
APITIGHT frees developers from having to implement and manage complicated security mechanisms in their apps and offers coding-free alternatives. It provides an easy-to-use security envelope for any new or legacy API. Based on a flexible policy engine, the user can set different levels of authentication, authorization, and encryption for APIs to support a wide variety of use cases, environments, and device types.
In addition, APITIGHT provides deep visibility into API usage to gain user insight, troubleshoot access issues, and more. APITIGHT includes a certificate authority that handles issuing, delivery, expiration, revocation, and updates. The server verifies certificate authenticity, while the shield eliminates the complexity of client-side certificates and provides tamper protection. APITIGHT analyzes transaction data and prevents SQL injections, business logic attacks, DDOS attacks, account takeovers, and other threats.
APITIGHT was part of CyberWYZ, an entrepreneurship program designed to help cyber-security start-ups transform great ideas into successful companies.