Radware using AI-powered protection to combat logic attacks

Radware has introduced a real-time, AI-powered API protection engine aimed at combating business logic attacks.

This new feature, which automatically and continuously learns business logic to block attacks as they occur, forms part of Radware's enhanced API Protection solution. The company, known for its cyber security and application delivery solutions, announced this development which is designed to detect and mitigate business logic attacks immediately.

The newly introduced engine operates in real-time, identifying bad actors and blocking malicious API calls by continuously learning the business logic of applications.

Radware claims that this solution offers organisations comprehensive coverage for the OWASP API Security Top 10 for 2023.

According to Radware's latest Global Threat Intelligence Analysis Report, there was a 171% increase in malicious web application and API transactions in 2023 compared to the previous year.

The retail sector experienced the highest number of attacks at 37%, followed by transportation at 19%, with software as a service and carriers both at 8%.

"Radware is helping organisations take the guesswork out of API protection," said Gabi Malka, Radware's chief operating officer.

"Unlike competitive solutions that rely on past attack log analysis for detection and remediation recommendations rather than immediately blocking the attacks, Radware's AI-powered protection works automatically, continuously, and in real-time. It not only learns the business logic but also accurately reveals bad actors' identities and blocks their attacks as they occur, resulting in frictionless, optimised protection and reduced risk."

Radware's enhanced API Protection solution takes a multi-layer approach to the real-time detection and mitigation of business logic attacks. It incorporates continuous auto-learning of application business logic to deliver real-time insights into the intent of API calls, whether legitimate or malicious.

Additionally, the solution utilises real-time AI-driven context analysis of security policies to enhance the reliability of API attack detection and mitigation. Furthermore, it precisely identifies bad actors, surpassing basic IP blocking, to accurately block malicious users and clients.

The API Protection feature is part of Radware's broader Cloud Application Security Protection Service, which includes a web application firewall, bot detection and management, and client-side and application-level (Layer 7) web DDoS protection.

This comprehensive service combines end-to-end automation, behavioural-based detection, and 24/7 managed services. It aims to offer organisations the highest level of application protection with minimal false positives.

Radware has earned numerous awards for its application and network security solutions and continues to receive recognition from industry analysts, including Aite-Novarica Group, Forrester Research, Gartner, GigaOm, KuppingerCole, and Quadrant Knowledge Solutions.