PR99033

TEL AVIV, Israel, November 30, 2022 /PRNewswire=KYODO JBN/--

The API security trailblazer takes matters into its own hands as it launches an

innovative service that champions compliance, risk assessment and API visibility

Wib [https://wib.com/], the fast-growing cybersecurity startup pioneering a new

era in API security, today announced an industry-first API

PenTesting-as-a-Service [https://www.wib.com/api-pen-testing-as-a-service]

(PTaaS) designed to help organizations proactively cover the latest PCI-DSS 4.0

mandates for testing application security, APIs, and vulnerabilities in

Business Logic.

According to Gartner [https://www.gartner.com/en/documents/3970520], 90% of

web-enabled applications will expose more attack surface via APIs than in the

user interface (UI), and API abuses will become the most-frequent attack

vector. In recognition of this changing attack landscape, Wib's PTaaS solution

[https://www.wib.com/api-pen-testing-as-a-service] supports the evolving

requirements for frameworks such as PCI DSS as they adapt to the realities of

modern web security, where API traffic is already 91% of web traffic, but API

coverage in penetration testing is often lacking.      

For organizations covered by PCI-DSS' strict requirements for application

penetration testing, which as of version 4.0 specifically includes API abuse

and attacks on business logic, Wib's unique offering provides on-demand API Pen

Testing specifically designed to provide solid validation of API security

posture to support assertions of compliance for PCI and other frameworks and

regulations such as GDPR, CCPA, SOC-2, ISO, NIST, and others.

Wib is uniquely positioned to spearhead this innovative approach. Utilizing the

skill of Wib's Offensive Security team, Wib will deliver 'inception to report'

in just three weeks, including:

-  Full assessment report of all identified vulnerabilities

-  A risk severity score, based on NIST cyber matrix calculator

-  Contextual remediation report for all vulnerabilities that have been found

-  Remediation road map plan with implementation suggestions, as well as

post-remediation validation as required by PCI standards

-  Dedicated training and consultancy session with Wib's Security

Specialists      

Wib's ground-breaking service is designed to be unintrusive and hassle-free for

customers as Wib simulates attacks against their APIs without ever having to

connect to their systems, and when combined with the Wib platform, is the only

offering that provides complete visibility, an automatic inventory,

auto-generated API documentation, and simulated attacks against test and / or

production systems. Wib's unique and holistic approach is the only way to truly

protect your API ecosystem all the way from your source code, through

production traffic, to professionally validated attacks on your API business

logic from a professional API hacker's  perspective from the outside.

"We've always said that your defense should be informed by the offense, and

with Wib's world-leading team of API Penetration Testers, we're uniquely

positioned to provide validation of the security posture of APIs and the

applications that use them from the same lens as the external attacker." adds

Chuck Herrin, CTO of Wib. "That is a critical piece we often find missing, and

our team is built to fill this gap so our customers can find, understand and

protect their APIs as they race to secure their evolving attack surface. Our

goal is to make it safe to innovate and help our customers ensure the security,

risk, and compliance of the API ecosystems powering their business."

http://www.wib.com/api-pen-testing-as-a-service

About Wib

Wib is pioneering a new era in API security with its industry-first holistic

API security platform. Providing continuous and complete visibility and control

across the entire API ecosystem, Wib enables developers to code with confidence

and security teams to secure with surety.

Wib's elite team of developers, attackers, defenders and seasoned cybersecurity

professionals draw on real-world experience and expertise to help define and

develop innovative technology solutions that enable customers with the

identity, inventory and integrity of every API, wherever it may be within the

development lifecycle, without compromising development or stifling innovation.

Wib US contact:

Nazli Ekim

Zonic Group

nekim@zonicgroup.com

+44 (0) 7384 220223

+1 917 355 9650

Wib UK contact:

Mark Waite

Cohesive Communications

markw@wearecohesive.com

+44 7774 265444

SOURCE: Wib