Case Study: Global Financial Services Company achieves regulatory compliance and prevents sensitive data leakage with Cequence Security's API Sentinel

API Risk Analysis Helps Maintain Regulatory Compliance

Global Financial Services Company, a large global financial services firm, faced growing regulatory and security risks as APIs became primary application components. With distributed teams publishing APIs, the company struggled with shadow APIs, spec noncompliance, inadvertent exposure of internal APIs, and unmanaged legacy endpoints that could leak sensitive data. Already using Cequence Security’s Bot Defense, the customer evaluated and quickly adopted Cequence Security’s API Sentinel when the tool validated their concerns by discovering shadow APIs.

Cequence Security deployed API Sentinel as a Kubernetes-based solution integrated with existing load balancers to build a centralized inventory, provide runtime visibility and traffic analytics, and detect sensitive data leakage (including credit card and social security numbers) via a sensitive-data dashboard and automated alerts. Discovered APIs are assigned owners and high-risk endpoints are translated into updated Bot Defense policies, resulting in eliminated potential compliance violations, improved collaboration between security, development and business teams, and accelerated API security maturity.