Akana Secures APIs and Web Applications from OWASP Top Ten

Secures APIs and web applications from the most critical security flaws and vulnerabilities

Los Angeles, CA. – Tuesday, April 7, 2015 – Akana, an API Management and Cloud Integration leader that helps businesses accelerate their digital transformation by securely extending their reach across multiple channels, announced today that its Community Manager, API Gateway, and Lifecycle Manager products are certified to secure customer’s APIs and Web Applications against the OWASP Top Ten Vulnerabilities.

The OWASP Top Ten is a powerful awareness document for web application security. It is published and maintained by the Open Web Application Security Project. The OWASP Top Ten represents a broad consensus about what the most critical web application security flaws are. Project members include a variety of security experts from around the world who have shared their expertise to produce this list.  The vulnerabilities identified on the most recent top ten list are:

  • Injection
  • Broken Authentication and Session Management
  • Cross-Site Scripting (XSS)
  • Insecure Direct Object References
  • Security Misconfiguration
  • Sensitive Data Exposure
  • Missing Function Level Access Control
  • Cross-Site Request Forgery (CSRF)
  • Using Components with Known Vulnerabilities
  • Unvalidated Redirects and Forwards


“Our customers have to be able to protect their APIs and Web Applications from the critical security vulnerabilities identified in the OWASP Top Ten,” said Alistair Farquharson, chief technology officer at Akana.  “The procedures, tools, and technology we have put in place to eliminate risks at all stages of our SDLC make us the obvious choice for any customer needing a secure, reliable, API Management solution.”

Akana certifies its products to secure APIs and Web Applications against these vulnerabilities, both via regular penetration testing, and through an integrated source code scanning system.  Akana conforms to stringent security processes making its cloud offering and products some of the most secure in the industry.  Akana’s development and security processes include:

  • Integrated static code analysis as part of the SDLC
  • Dynamic, automated penetration testing as part of the SDLC
  • Regular, 3rd party dynamic penetration testing
  • Security best-practices training for developers


These processes help ensure that APIs and applications projected using Akana’s solutions are:

  • PCI Compliant
  • HIPAA Compliant
  • FIPS 140-2 ‘compliant’ when leveraging an HSM


For information on Akana and its solutions on API Management, API Security and Cloud Integration, please click here.

About Akana
Akana’s comprehensive suite of API Management, API Security, SOA Governance, Cloud Integration, and Microservices solutions helps businesses accelerate digital transformation by securely extending their reach across multiple channels – mobile, cloud and Internet of Things. Akana enables enterprises to quickly deliver scalable applications, share data as APIs, connect and integrate applications, drive partner adoption, monetize their assets and provide intelligent insights into their business and operations. The world’s largest companies including Bank of America, Pfizer, and Verizon use Akana to harness the power of their technology and transform their businesses. Akana is also recognized as a “Leader” by Forrester in API Management Solution Wave, Q3 2014, by other analyst firms. For more information on Akana’s API Platform, see http://www.akana.com

Back to Press Releases