Introducing API Security Posture Management for GraphQL
tl;dr The Escape Team is excited to announce the release of its latest feature, API Security Posture Management for GraphQL. This feature proposes a single API Catalog view to explore the security, integrity, and performance of all GraphQL operations in one place. You can give it a try for free now on Escape's Platform: https://app.escape.tech
With the rise of GraphQL as a popular API technology, it is essential to have an effective security solution in place, and Posture Management is designed to meet this need.
Escape's API Posture Management works out-of-the-box with all GraphQL engines, including Apollo, Yoga, Hasura, and AWS AppSync, and seamlessly integrates into CI/CD. This means you can easily explore the security, integrity, and performance of your GraphQL APIs without additional configuration directly into your current workflow.
1. Inventory Every Operation and Dive into the details
This feature gives a centralized view of all GraphQL operations, making identifying potential vulnerabilities, sensitive data leaks (including personally identifiable information), or performance issues easy. Developers can also dive into each resolver's details to better understand its security, integrity, and performance.
2. Uncover Vulnerabilities and Resolve incidents before production
The API Security Posture Management for GraphQL is designed to quickly and efficiently uncover vulnerabilities within CI/CD workflows and before production, enabling developers to resolve incidents before it's too late. This includes a range of security checks, including user input validation, rate limiting, and authentication. The feature allows the developer to control who can access specific data (tenant isolation and data segregation), ensuring the integrity of its GraphQL API.
3. Optimize Performance with Quantified Metrics
GraphQL is particularly vulnerable to performance issues with N+1 attacks, cyclic queries, large queries, etc. Moreover, performance is critical to businesses. Posture Management provides developers with quantified metrics that enable them to analyze the performance of their resolvers and detect performance issues. This includes response times and error rates.
API Posture Management is freely accessible to everyone for 7 days
Escape's API Security Posture Management is now available in Beta.
For the occasion, we offer the feature for free to everyone until the 9th of March so that you can give it a try on the Escape's Platform: https://app.escape.tech
We hope you enjoy the feature and can't wait for your feedback!