Financial institution

Driven by demands for tighter integration with their platforms, banking institutions are developing APIs which enable partners to directly integrate financial information back into their internal systems. One of the key concerns is ensuring the security of cardholder data to meet PCI compliance requirements. Many banks use in-house systems to manage API access and deliver foundational security—including managing API keys and providing granular access control services. However, these banks also require strong protection against cyberattacks which could compromise the API service and accessible PCI data.

Elastic Beam API Behavioral Security is deployed to monitor API transactions and report any suspicious activity, including attacks on the banking applications and data systems. A bank deploys Elastic Beam API Security Enforcers and API Behavioral Systems to provide an API security overlay on top of the API management platform already deployed. Using AI techniques to analyze API transactions, Elastic Beam automatically blocks malicious activity and provides security analysts deep insight into API activity, including the detailed information needed for PCI compliance reporting – at scale.

Healthcare

To provide easy access to patient records from mobile or traditional clients, healthcare organizations are deploying API Gateways which allows customers to access their health history, payment information, and other services from a portal. A critical objective is maintaining HIPAA compliance for patient health information (PHI) records and PCI compliance for the credit card payment processing. An API Gateway delivers strong access control to ensure patients can only access their own records, but healthcare organizations require stronger session security and activity monitoring to ensure patient privacy is protected.

Elastic Beam API Security Enforcer can be deployed out-of-band to integrate with the API Gateways, and the Elastic Beam API Behavioral system is used to analyze all API transactions to deliver in depth activity reporting and stop potential attacks. Installed in less than a day, the Elastic Beam software can immediately detect and block suspicious activity, including hackers attempting to guess credentials on the login service or attempting to extract records through the patient portal. Comprehensive, detailed reports on all API activity can be included within HIPAA and PCI compliance reports.

IoT

Organizations are deploying industrial equipment outfitted with MQTT sensors to send operating information to preventative maintenance servers. Once consolidated at a cloud data center, the traffic passes through MQTT brokers to reach various monitoring systems. Manufacturers are looking for a high-performance platform that can intelligently route MQTT sensor traffic to preferred brokers based on the MQTT client identifier.

Elastic Beam Secure MQTT Proxy software is deployed using bare metal, virtualized systems, or Docker containers operating within an Elastic Cluster. Traffic is intelligently routed to each device’s designated broker – even at very large scale. MQTT Proxy delivers the operational flexibility of dynamically adding nodes to a cluster for increased capacity and automatically propagating preferred routing information across a hybrid cloud. Elastic Beam MQTT Proxy helps organizations exceed the targeted availability and performance service levels of their IoT deployments.