Release Date: September 6th, 2023
API Catalog Sensitive Data
ThreatX expands its platform offering with the release of a Sensitive Data enhancement to the API catalog 2.0. The new feature, unveiled at the Black Hat Conference 2023, extends the ThreatX platform into the protection of sensitive information.
The ThreatX Sensitive Data feature enhances the API Catalog by flagging and preventing exposure of sensitive identification information, such as passwords, credit card numbers, social security numbers, Individual Taxpayer Identification Numbers (ITINs), and next generation passports. The feature reports only sensitive data that is in plain text, not partial or obfuscated data, such as ***-**-1234, and it does not store sensitive data due to security and compliance reasons.
Release Date: April 26th, 2023
Botnet Console and API Catalog 2.0
ThreatX has expanded its platform offering with the release of a new Botnet Console and API catalog 2.0. These new dashboards, unveiled at RSA Conference 2023, will help security teams rapidly investigate automated threats and attempts to abuse APIs with enhanced metrics, analytics, and visualizations.
The Botnet Console provides security teams with a powerful view for monitoring botnets and other forms of malicious, automated traffic. With its enhanced visibility, security teams can quickly identify and respond to changing automated threats before APIs and applications are affected or breached. Given the increasing use of bots to carry out volumetric attacks, such as credential stuffing, account takeover, and DDoS, the fully integrated Botnet Console is a necessity for maintaining a strong security posture in today’s threat landscape.
The API catalog 2.0 offers security teams a comprehensive solution for managing APIs and investigating attackers targeting them. With its redesigned dashboard and advanced analytics, ThreatX’s API catalog 2.0 empowers security teams to investigate threats with the confidence of knowing that real-time, risk-based blocking has already thwarted attackers.
Release Date: September 12th, 2022
Single Sign On – Azure AD B2C
ThreatX is increasing security for our customers by providing the option to use Single Sign On (SSO) using SAML integration for Azure B2C.
Release Date: August 15th, 2022
Search, Sort, Filter Capability – Attack Dashboard
The Threat Entities table in the Attack Dashboard now has new functionality allowing users to search, sort, and filter the data by specific columns and criteria. To learn more about the Attack Dashboard, visit Using ThreatX.
Release Date: June 22nd, 2022
Allow List / Deny List Expiration: IP Address
ThreatX users are now able to set an expiration date for an IP address that has been added to the allow or deny list. This enhancement provides clarity on the exact timeframe that an IP address will be on the allow or deny list.
Release Date: April 22nd, 2022
GraphQL Profiling – API Defender
ThreatX now supports API Discovery for GraphQL endpoints to provide visibility into web applications utilizing the alternative API protocol. GraphQL endpoints will be profiled at the site and endpoint level within ThreatX’s API Defender.
Customize OpenAPI Schema
Schema customization is now available in ThreatX’s API Defender. This functionality provides users the ability to fine-tune and add API endpoints that aren’t already included in their uploaded API schema specification files, to an existing schema or append to a new API schema. To learn more about API Defender, visit Using ThreatX
OpenAPI Schema Export
ThreatX users are now able to export their Open API schema from the API Defender, Schema Management page.
Release Date: March 29th, 2022
ThreatX’s API Defender dashboard includes major enhancements to expand visibility into API traffic analytics, error code summaries, and the ability to visualize all API schema conformance to compare which API traffic is expected vs. an anomaly against the organization’s API specifications. Some of the latest capabilities allow users to upload, manage, and cross-compare API traffic by schema conformance to understand risk across their organization’s attack surface. Users can customize their organization’s schema on the fly or create API-centered protection rules.
Release Date: March 29th, 2022
Rebranded – API Catalog
ThreatX has rebranded what was previously known as API Catalog to API Defender. Our API Defender dashboard does more than catalog APIs; it brings together API discovery, observability, and the context needed to understand an organization’s entire attack surface against what is being seen in the wild. To learn more about API Defender, visit Using ThreatX
Release Date: March 29th, 2022
API and Web Filtering – Attack Dashboard
Filtering by API or Web traffic is now available in the Top Targets view of the Attack Dashboard. Users can easily filter by which aspects of their Web Application is being heavily targeted for detailed visibility into the attacker’s perspective. To learn more about the Attack Dashboard, visit Using ThreatX
Release Date: February 18th, 2022
Endpoint Filtering – API Catalog
Endpoint filtering is now available via the API Catalog. Users can quickly identify which endpoints are active and inactive for a specific time range using the Total Requests filter. This filter option also provides a total count of active and inactive endpoints for the specific time range selected. To learn more about the API Catalog, visit Using ThreatX
Release Date: December 8th, 2021
Entity Overview – API Catalog
Each API endpoint can be targeted by multiple entities. To provide visibility into each entity and endpoint, we’ve included an Entity Overview for each endpoint listed in API Catalog. This view provides details into each entity’s risk, classification, and other attributes associated with the type of attack being performed, IP addresses, ThreatX’s block state and more. To learn more about the API Catalog, visit Using ThreatX
Release Date: October 25th, 2021
API Profiling/Endpoint Statistics – Attack Dashboard
This release provides new functionality around identifying profiled APIs seen in match event activity and a new Endpoint Statistics tab on the Entity Details Page. In the Endpoint Statistics tab, users can preview which API and non-API endpoints are the most targeted per entity. To learn more about the Attack Dashboard, visit Using ThreatX
Release Date: October 4th, 2021
Feature Enhancements – Attack Dashboard
IPs can now be bulk uploaded to the blocked, denied, allowed, and ignored lists. Users can find this functionality in the Lists page in admin tools. Additionally, RPS stats have been added to the Attack Dashboard under the high-level summary for all requests and blocked requests. To learn more about the Attack Dashboard, visit Using ThreatX
Release Date: September 8th, 2021
New Interface – Attack Dashboard
This version of the ThreatX Attack Dashboard includes feature enhancements to view real-time traffic or explore historic traffic and attack data in depth. Both real-time and historic traffic views are now supported in one easy to use page, bringing ThreatX traffic to life with this new interface. Observe the benefits of your web application and API protection from ThreatX with modern time driven visualizations of your request and attack traffic. To learn more about the Attack Dashboard, visit Using ThreatX
Release Date: July 30th, 2021
Advanced SSL Configuration
This release provides users with the ability to select advanced SSL configuration options for sites protected by the ThreatX Platform. Users can navigate to the Sites page within Admin settings to select advanced SSL configuration for specific sites.
Release Date: May 26th, 2021
General Availability Support – API Catalog
This version of the ThreatX Dashboard includes features and improvements intended to establish General Availability for the new API Catalog page. The API Catalog page codifies and summarizes the API surface area of systems being protected by ThreatX. While API endpoints have always been protected by ThreatX’s best-of-breed Web Application & API Protection, the API Catalog page provides administrators with an enhanced level of insight and analysis into their API attack surface, derived from actual traffic.
Last Updated 2023-09-06