Artificial Intelligence
Qualys Intros AI-Powered Web Application Scanning (WAS) with API Security
Qualys has announced the launch of its API security platform that leverages AI-powered scanning and deep learning-based web malware detection to secure web apps and APIs across the entire attack surface, including on-premises web servers, databases, hybrid, multi-cloud environments, API gateways, containerized architectures, and microservices.
APIs are integral to digital transformation initiatives across industries. The latest data indicates that over 83% of web traffic now comprises API traffic, highlighting their critical role in modern web applications using microservices, cloud, and hybrid environments. However, this also underscores the vulnerabilities that accompany their widespread adoption.
“Many organizations use a variety of security tools, such as SAST, DAST, SCA, or point solutions for API security that often operate in isolation, without a unified platform to integrate their findings. Moreover, the absence of integration between these tools leads to a fragmented view of the application security posture and results in uncoordinated efforts and gaps in security coverage. Similarly, SAST & DAST tools offer limited coverage for API-specific issues and focus predominantly on code vulnerabilities,” commented Kunal Modasiya, Vice President, Product Management, CyberSecurity Asset Management, Qualys. “Mainly, these solutions fail to extend their assessment to the runtime or environmental threats where APIs operate and provide visibility into the vulnerabilities of the underlying infrastructure hosting these APIs, leaving significant security gaps at the network and host levels.”
Qualys API security addresses and allows organizations to:
- Measure API risks across all attack surfaces with a unified view of API security by discovering & monitoring every API asset across diverse environments, enabling better decision-making and faster response times.
- Communicate API risks like OWASP API Top 10 vulnerabilities & drift from OpenAPI specs with real-time threat detection and response, minimizing the risk window and enhancing overall security.
- Eliminate API risks with integrated workflows supporting Shift-Left & Shift-Right practices, bridging the gap between IT and security teams, promoting seamless collaboration, and improving operational efficiency.
Key features of Qualys API
- Comprehensive API discovery and inventory management
Qualys WAS with API Security automatically identifies and catalogues all APIs within an organization’s network, including internal, external, undocumented, rogue, and shadow APIs. Whether APIs are deployed in multi-cloud environments (AWS, Azure), containerized architectures (Kubernetes), or API gateways (Apigee, Mulesoft), Qualys’ continuous discovery ensures an updated inventory across all platforms, preventing unauthorized access points and shadow APIs. - API vulnerability testing & AI-powered scanning
Qualys provides comprehensive API vulnerability testing using 200+ prebuilt signatures to detect API-specific security vulnerabilities, including those listed in the OWASP API Top 10, such as rate limiting, authentication & authorization issues, PII collection, and sensitive data exposure. Moreover, for large applications, Qualys combines the power of deep learning and AI-assisted clustering to perform efficient vulnerability scans. This smart clustering mechanism targets critical areas, achieving a 96% detection rate with an 80% reduction in scan time. - API compliance monitoring
Qualys performs both active and passive compliance monitoring to identify and address any drift or inconsistencies in API implementation and documentation in adherence to the OpenAPI Specification (OAS v3). Clear, standardized API documentation, in adherence to OAS, ensures that shared documentation is easily understood by recipients, simplifies security assessments and enforcement, and enhances the accuracy of code, benefiting both automated tools and human developers. Qualys also continuously monitors APIs for compliance with industry standards such as PCI-DSS, GDPR, and HIPAA to ensure that APIs remain compliant with evolving regulations, avoiding potential fines and enhancing data protection. - API risk prioritization with TruRisk
Qualys leverages its proprietary TruRisk scoring system, which integrates multiple factors such as severity, exploitability, business context, and asset criticality to prioritize risks based on overall business impact, ensuring that the most critical vulnerabilities are addressed first. It also categorizes risks based on the OWASP API Top 10, helping organizations focus on the most prevalent and severe API security threats. - Seamless integration with Shift-Left and Shift-Right workflows
Qualys integrates seamlessly with existing CI/CD tools (e.g., Bamboo, TeamCity, Github, Jenkins, Azure DevOps) and IT ticketing systems (e.g., Jira, ServiceNow), supporting both shift-left and shift-right security practices. This facilitates automated security testing and real-time threat detection and response without disrupting development workflows. By bridging the gaps between IT and security teams, Qualys ensures smoother operational transitions, improving API security practices and reducing the risk window.
Written by Phil Muncaster, guest writer at ESET (more…)
UiPath has acquired Peak, an AI-native company headquartered in Manchester, United Kingdom. The Peak AI platform enhances product inventory and pricing optimization for businesses across various industries, delivering fast, tangible results without requiring extensive in-house tech teams.
“With the acquisition of Peak, we are accelerating our mission to strengthen our vertical AI solutions strategy,” said Daniel Dines, Founder and CEO of UiPath. “When combined with the UiPath platform, Peak’s exceptional purpose-built AI applications will enhance our ability to provide solutions that optimize industry-specific use cases and deliver incredible value to customers.”
Peak empowers customers to create AI workflows, process data, and generate predictions that streamline critical business operations via APIs or integrated web applications. It also offers advanced AI-based decisioning tools, enabling business users to tackle complex tasks like inventory planning and product pricing optimization.
Now part of UiPath, Peak’s solutions gain the ability to scale globally and penetrate new industries, fostering growth and innovation for customers and stakeholders. Additionally, Peak’s emphasis on driving AI adoption in sectors such as retail and manufacturing will help UiPath expand its market presence and deliver cutting-edge, AI-driven, industry-specific applications powered by large language models (LLMs).
“Joining forces with UiPath is the perfect next step for Peak at this stage of our journey, and I couldn’t be more excited. As automation and agentic AI converge, we’re entering a new era of possibilities for the enterprise,” said Richard Potter, CEO & Co-Founder of Peak. “UiPath’s global reach, deep enterprise expertise, and unwavering commitment to AI innovation will enable us to accelerate our vision—empowering businesses with specialized decision-making AIs at scale. We are incredibly proud of what we’ve built, and as part of UiPath, we look forward to delivering even greater value to our customers while pushing the boundaries of what’s possible with AI in the enterprise.”
Peak is set to elevate the UiPath agentic automation platform, addressing the need for precise calculations in complex business processes. By delivering reliable analysis and predictions, Peak’s solutions will power UiPath’s new Pricing and Inventory Agents, ensuring businesses can make informed decisions. Additionally, Peak’s Decision Intelligence capabilities will enhance the platform’s orchestration features, enabling autonomous processes driven by contextual customer data.
With this collaboration, customers of both UiPath and Peak can achieve higher revenue and improved margins through their combined technologies. The partnership has already demonstrated success, such as transforming the quoting and pricing process for Heidelberg Materials, one of the world’s largest building materials manufacturers in the United Kingdom. The solution automates data collation from hundreds of sources, employs AI to determine optimal quotes, and equips sales teams with actionable insights. This streamlined, end-to-end process has significantly boosted efficiency, accelerating quotation times and increasing conversion rates.
Qlik has announced findings from an IDC survey exploring the challenges and opportunities in adopting advanced AI technologies. The study highlights a significant gap between ambition and execution: while 89% of organizations have revamped data strategies to embrace Generative AI, only 26% have deployed solutions at scale. These results underscore the urgent need for improved data governance, scalable infrastructure, and analytics readiness to fully unlock AI’s transformative potential.
The findings, published in an IDC InfoBrief sponsored by Qlik, arrive as businesses worldwide race to embed AI into workflows, with AI projected to contribute $19.9 trillion to the global economy by 2030. Yet, readiness gaps threaten to derail progress. Organizations are shifting their focus from AI models to building the foundational data ecosystems necessary for long-term success.
Stewart Bond, Research VP for Data Integration and Intelligence at IDC, emphasised, “Generative AI has sparked widespread excitement, but our findings reveal a significant readiness gap. Businesses must address core challenges like data accuracy and governance to ensure AI workflows deliver sustainable, scalable value.” Without addressing these foundational issues, businesses risk falling into an “AI scramble,” where ambition outpaces the ability to execute effectively, leaving potential value unrealized.
“AI’s potential hinges on how effectively organizations manage and integrate their AI value chain,” said James Fisher, Chief Strategy Officer at Qlik. “This research highlights a sharp divide between ambition and execution. Businesses that fail to build systems for delivering trusted, actionable insights will quickly fall behind competitors moving to scalable AI-driven innovation.”
The IDC survey uncovered several critical statistics illustrating the promise and challenges of AI adoption: Agentic AI Adoption vs. Readiness:
- 80% of organizations are investing in Agentic AI workflows, yet only 12% feel confident their infrastructure can support autonomous decision-making.
- “Data as a Product” Momentum: Organizations proficient in treating data as a product are 7x more likely to deploy Generative AI solutions at scale, emphasizing the transformative potential of curated and accountable data ecosystems.
- Embedded Analytics on the Rise: 94% of organizations are embedding or planning to embed analytics into enterprise applications, yet only 23% have achieved integration into most of their enterprise applications.
- Generative AI’s Strategic Influence: 89% of organizations have revamped their data strategies in response to Generative AI, demonstrating its transformative impact.
- AI Readiness Bottleneck: Despite 73% of organizations integrating Generative AI into analytics solutions, only 29% have fully deployed these capabilities.
These findings stress the urgency for companies to bridge the gap between ambition and execution, with a clear focus on governance, infrastructure, and leveraging data as a strategic asset.
The IDC survey findings highlight an urgent need for businesses to move beyond experimentation and address the foundational gaps in AI readiness. By focusing on governance, infrastructure, and data integration, organizations can realize the full potential of AI technologies and drive long-term success.
Positive Technologies Discovery Leads D-Link to Recommend Router Replacements
Sophos Study: MDR Users Claim 97.5% Less in Cyber Insurance
Fortinet Strengthens OT Security for Critical Infrastructure
ManageEngine’s Open API Platform Enables Unified, Customisable Security Analytics
AI-Driven Deception: A New Face of Corporate Fraud
UAE Cyber Security Council and CPX Unveil Cybersecurity Report 2025
Proactive Threat Intelligence is Essential in Securing Critical Infrastructure
“We Can All Do Better By Treating Women in Tech as Equals”
Supply Chain Vulnerabilities Are Becoming a Growing Concern
“Having Mentors Who Believe in You Can Make All the Difference”
UAE Workforce in 2025: Cybercrime, Stress, and Burnout Take the Spotlight
Video: Toshiba Presents Latest Hard Drives and QNAP NAS System Live Demo at INTERSEC 2025
Video: Toshiba Showcases its Latest Hard Disk Drives Through Live Demos at Intersec 2025
Video: Interview with Meriam ElOuazzani of SentinelOne
Video: Interview with Fred Crehan of Confluent at GITEX Global 2024
-
Artificial Intelligence1 week ago89% of Companies Update AI Data Strategies, But Gaps Remain
-
Cyber Security1 week agoHalcyon Launches 24/7 Ransomware Detection and Recovery (RDR) Solution
-
News1 week agoMatrix Announces IoTSCS-ER Compliant Network Cameras Certified by STQC
-
Artificial Intelligence1 week agoKaspersky Detects Sophisticated Scam Using DeepSeek AI
-
Artificial Intelligence6 days agoUiPath Acquires Peak to Drive Next-Gen AI Decision Intelligence
-
Cyber Security1 week agoForcepoint to Acquire Getvisibility
-
Cyber Security1 week agoNew Research from Palo Alto Networks and Siemens on OT Security Risks
-
Cyber Security6 days agoGroup-IB Outs High-Tech Crime Trends Report 2025 for META