Check Point® Software Technologies Ltd.(link is external) has been recognized on Newsweek’s 2025 list of America’s Best Cybersecurity Companies(link is external).
Cloud Infrastructure Risks: How Combining Edge and Runtime Protection Can Better Protect APIs and Apps
February 01, 2024
The acceleration of digital transformation and subsequent rise in API, containerization, and multi-cloud deployments are creating a dynamic attack surface that's growing increasingly complex. Maintaining visibility to keep track of new, changed, unmanaged, or insecure APIs grows increasingly difficult.
In addition, many threat actors now bypass edge and perimeter defenses by exploiting vulnerabilities in running APIs and applications. As we've seen with the recent credential stuffing attack(link is external) on biotechnology company 23andMe, companies risk both massive data loss, and reputational and financial damage, when their APIs aren't protected. But defending APIs and applications in this new multi-cloud environment has proven challenging. Just protecting the edge is no longer enough in this dynamic landscape, today combining protection at the edge with protection at runtime is required.
The Problem: Why APIs and Apps Will Be Harder to Defend in 2024
According to a report from Gartner(link is external), by 2027, more than half of enterprises will use industry cloud platforms to advance their business initiatives. In addition, organizations will have invested close to $600 billion(link is external) this year to move their data to the cloud.
Complicating matters, 98% of enterprises(link is external) report they already deploy multi-cloud architectures, with data distributed across several cloud providers. Multi-cloud deployments further expand the attack surface and make security more challenging to address.
Back in January 2023, T-Mobile reported(link is external) for the second time that hackers exploited unprotected APIs, resulting in the data of 37 million customers being stolen. In addition to the stolen data, T-Mobile failed to notify customers in a timely manner once the breach was discovered — the attack went undetected for over a month. A few months later in July, JumpCloud abruptly announced(link is external) that the company needed to reset customers' API keys to combat an ongoing spear-phishing campaign. The attack granted threat actors access to the company's internal infrastructure and prevented customers from accessing services.
These attacks are just two examples that signal the complicated battle organizations are up against when it comes to defending their cloud environments.
How Organizations Can Better Defend Their APIs and Apps in a Modern Cloud-Based Environment
Web application firewalls and stand-alone API observability solutions have proven effective in protecting and providing visibility into the edge, or "front door," of an organization's environment.
However, it can leave the back door vulnerable to runtime attacks. To ensure the protection of APIs and applications in a multi-cloud, containerized environment, organizations will need adopt a strategy that provides protection from the edge to runtime. You can think of it as monitoring both who is going into and out of a house (HTTP requests and responses), and what's going on inside the house (the runtime environment). If an attacker is flooding an organization's APIs with credential stuffing attacks, edge protection stops the threats from infiltrating the "house." This protection is critical, but it doesn't address threats that can arise from exploitations at the OS level, across in-network traffic (i.e., east-west), or zero-day threats. Runtime protection, on the other hand, is like cameras monitoring activity inside a house. It detects and prevents threats in the application runtime environment.
The Solution: How Both Operate in Tandem to Block Attacks
Runtime and edge security solutions work together to provide comprehensive protection that identifies and blocks different types of threats. The two solutions work together to allow users to see what threats are coming in and out and also what's happening inside an organization's API and application landscape.
Edge solutions will stop any malicious activity from entering the house as primary defense, by monitoring the traffic attacking your APIs, and alerting on and blocking threats before they gain access to your system. Although this protection is necessary, it doesn't always address exploitations that are right at the OS level (east-west), or zero-day threats.
This is where runtime comes in. It allows you to monitor and protect from the inside at the operational level, operating as surveillance, documenting activity inside the house and identifying intruders (threat actors) that made it past the front door.
Start Taking Your API Protection Security More Seriously in 2024
Although multi-cloud platforms have provided organizations with agility to deploy and scale across all of their workloads, giving them greater flexibility, it has also opened the floodgates to threat actors lying in wait in the cloud. This increased use of cloud infrastructure will undoubtedly expand the threat landscape and breed new risks that organizations will need to defend against. Attackers have endless time and resources to find a way around defenses, and to prepare, organizations must rethink API and application protection and consider protection from the edge to runtime.
Industry News
May 22, 2025
May 22, 2025
Red Hat announced enhanced features to manage Red Hat Enterprise Linux.
May 22, 2025
StackHawk has taken on $12 Million in additional funding from Sapphire and Costanoa Ventures to help security teams keep up with the pace of AI-driven development.
May 21, 2025
Red Hat announced jointly-engineered, integrated and supported images for Red Hat Enterprise Linux across Amazon Web Services (AWS), Google Cloud and Microsoft Azure.
May 21, 2025
Komodor announced the integration of the Komodor platform with Internal Developer Portals (IDPs), starting with built-in support for Backstage and Port.
May 21, 2025
Operant AI announced Woodpecker, an open-source, automated red teaming engine, that will make advanced security testing accessible to organizations of all sizes.
May 21, 2025
As part of Summer '25 Edition, Shopify is rolling out new tools and features designed specifically for developers.
May 21, 2025
Lenses.io announced the release of a suite of AI agents that can radically improve developer productivity.
May 20, 2025
Google unveiled a significant wave of advancements designed to supercharge how developers build and scale AI applications – from early-stage experimentation right through to large-scale deployment.
May 20, 2025
Red Hat announced Red Hat Advanced Developer Suite, a new addition to Red Hat OpenShift, the hybrid cloud application platform powered by Kubernetes, designed to improve developer productivity and application security with enhancements to speed the adoption of Red Hat AI technologies.
May 20, 2025
Perforce Software announced Perforce Intelligence, a blueprint to embed AI across its product lines and connect its AI with platforms and tools across the DevOps lifecycle.
May 20, 2025
CloudBees announced CloudBees Unify, a strategic leap forward in how enterprises manage software delivery at scale, shifting from offering standalone DevOps tools to delivering a comprehensive, modular solution for today’s most complex, hybrid software environments.
May 20, 2025
Azul and JetBrains announced a strategic technical collaboration to enhance the runtime performance and scalability of web and server-side Kotlin applications.
May 19, 2025
Docker, Inc.® announced Docker Hardened Images (DHI), a curated catalog of security-hardened, enterprise-grade container images designed to meet today’s toughest software supply chain challenges.
May 19, 2025
GitHub announced that GitHub Copilot now includes an asynchronous coding agent, embedded directly in GitHub and accessible from VS Code—creating a powerful Agentic DevOps loop across coding environments.
