Apinizer - API Management Platform
The API Management Platform, which enables the identification of internal and external services owned by the organization and the identification of data related to the services, can also work as a service routing and security control mechanism for aWhat is AVCI?
Many security tools used in CSOC (Cyber Security Operation Center) infrastructure cause administrative difficulties.
AVCI enables security tools to be managed from a single center.
By providing centralized management of vulnerabilities, it provides enterprises with proactive security with time savings, quick action and integrated vehicle management.
AVCI is developed by an R & D team, including consultants and software developers with many years of cyber security consulting experience. The features it has developed have been developed by analyzing the needs of the institutions and they continue to be developed. The modules detailed below and continuing to be developed are aimed to contribute to increasing corporate security.
Intelligent Vulnerability Matching System
With this module, data transmitted from multiple vehicles is collected into a common database. The workload is minimized by combining the self-repeating ones within the vulnerabilities added to the database with vulnerability identification numbers. The findings transmitted from each vehicle are reported as per data or processed data, if desired. By comparing the outputs of different screening tools that perform similar tasks separately, different finding formats are matched and the same vulnerability is displayed more than once.
Intelligent Vulnerability Management
By managing the security analysis tools located in the organization, AVCI can assign its outputs to the relevant officers as a task. It integrates with the ticket system used in the organization and ensures that the status of the detected weaknesses is monitored.
Once a vulnerability is assigned as a task, it can follow the assigned task and monitor the actions taken. If any action is taken, it can check the vulnerability again and find out if it is closed. After this learning, if the vulnerability is not closed, the task can be re-established.
The Intelligent Vulnerability Management tool takes over the management of many vehicles added to the system. All scan orders sent to vehicles are transferred to Intelligent Vulnerability Management. Each project or scan created is identified by a unique ID in the Intelligent Vulnerability Management module.
Thanks to the Alert System, AVCI is able to take automatic actions in case of a transaction in the specified criteria. In case any critical findings are detected in any system, notifications are provided by many customizable methods such as automatic mail sending. If desired, automatic actions can also be taken with this module.
Multi Vehicle Management
False-positive findings or multiple findings occur due to the fact that cyber security tools in the infrastructure of the institution are not integrated with each other and the data produced from the tools cannot be matched with a central tool. AVCI facilitates the management of multiple findings by managing the data collected from many cyber security tools with the “Intelligent Vulnerability Matching System”.
AVCI enables the transfer of cyber security tools to the “Core” module with plug-in logic. It offers unlimited “node için support for each plug-in. For example, 3 different ess Nessus Security Scanner ”tools on DMZ, LAN and Cloud networks are added to AVCI with’ Nessus Plug-in ”. By adding 3 separate 3 nodes 3 for 3 different Nessus Security Scanner tools, it is possible to add more than one product from the same product with a single plug-in.
It provides multi-user support to allow other employees or teams (such as CSOC) to access the AVCI management interface. It provides access with customizable privileges for personnel to be granted access to AVCI. This allows users to access access to each site or report.
AVCI can perform continuous scanning to the desired systems by providing continuous scanning services to the systems designated as high priority. With Coninuos Scanning, high priority systems will be under continuous monitoring. It takes action for preventive actions in case of detection of a potential vulnerability.
Dynamic Entity Classification
With the “Dynamic Asset Classification” feature, AVCI classifies all assets in the corporate infrastructure dynamically. It allows the reporting of vulnerabilities for each asset by classifying assets specific to each service, operating system, site or vulnerability. Thus, since all assets in the corporate infrastructure will be classified dynamically, the risks posed by each asset for the corporation can be measured.
Task Management Component
The Task Management Component is responsible for managing the ticket system. The “Task Management Component. Is responsible for creating, monitoring and taking actions together with the methods of eliminating the vulnerabilities in the systems by processing the data transferred by the Smart Vulnerability Management System.
Security and Process Management
AVCI, institutions are subject to Cyber Securitythe services.
Keywords: API MANAGEMENT, API GATEWAY, API SECURITY, API ECONOMY
Service Directory (Registry)
It ensures that the web services owned or used by the organization can be defined, located inside and outside the organization, accessible.
Service Routing (API Gateway)
APINIZER enables the organization's services to be accessed through virtual addresses, allowing requests to pass through the APINIZER filter, while enabling virtualization of services while controlling content.
Only authorized users can access the service with APINIZER. In this case, authorization can be integrated to the existing single-sign-on structure of the organization or the defined users can be sent to the service.
Allows users to access the requested resource within the allowed privileges. It can mask and transform data, as well as remove unwanted parts of the data completely from the data content.
APINIZER detects if there is a structural malfunction in the data coming to the services on it, if the data size is more than allowed or if there is a threat in the data content such as SQL injection, it prevents them from going to internal systems and works as a content firewall.
APINIZER checks that the messages received from the services on it conform to the data schemes in the internal services and if there is a problem, it is detected before the application server arrives.
APINIZER can convert the contents of the messages received from the services and / or returned from the internal services to another format.
Service Performance Restrictions (Throotling)
It ensures the stable operation of the internal system by placing certain restrictions on the requests coming to the services on the gateway in order to prevent the servers of the institution to work under excessive load.
Service Access Restriction
Enables the organization to allow services on the gateway only to receive messages from restricted IPs or other IPs, except for prohibited IPs, in situations requiring security. The service can also be accessed via the gateway.
Service Load Balancing
In order to ensure load distribution among servers within the organization, APINIZER can direct requests from the services on it to different application servers.
Message Content Logging (Request / Response)
APINIZER can optionally store messages sent to and received from internal services.
Full Text Search
If the message contents are stored, it provides the possibility of performing full text search on incoming and outgoing messages.
The status of the services can be monitored instantly with statistical information such as requests received on the services on APINIZER, success status of these requests, average data sizes, average response times.
APINIZER automatically generates alarms and informs the related subscribers for the times and conditions specified in the services on it.