SHAPE is now part of F5,  Learn More
See why we are better together
Virtual Summit 2020 | App Security and Fraud Summit  Learn More
Watch On-demandSee why we are better together



Visibility and mitigation options to protect HTTP-based APIs


Attacks on HTTP APIs Compromise Site Security and Performance


API Defense from Shape

Now you can leverage the industry-leading power of the Shape security platform to innoculate HTTP APIs from data harvesting and malicious attacks.

Featuring a simple-to-deploy implementation, API Defense from Shape inspects network-layer telemetry signals to classify protected HTTP API calls to detect attacks and unwanted automation, and either throttle or fully mitigate API calls from different sources. 

By eliminating malicious and unwanted automation traffic against HTTP APIs, API Defense slashes risks, improves user experiences, reduces operating costs, and is very developer-friendly.

Protection for HTTP APIs

Designed to meet the needs of a broad range of organizations, Shape API Defense delivers world-class application protection that leverages the power of the Shape network.

Unrivaled accuracy

Through advanced AI and ML assessment of a wide variety of network-layer telemetry signals, API Defense accurately detects and mitigates fraudulent and unwanted API traffic in real-time.

Network leverage

API Defense leverages the intelligence collected across the entire Shape network, which blocks more than one billion fraudulent log-in attempts and other transactions daily, while ensuring that more than 200 million legitimate human transactions are kept safe.

easy to deploy and flexible to implement

API Defense can be implemented in a variety of modes, to support a variety of current infrastructures. The service can be deployed inline as a reverse proxy on-premises, hosted within Shape’s data centers, or in a Shape managed public cloud or consumed via a Shape API. And API Defense is compatible with all network architectures (CDNs, load balancers) and all major cloud platforms.

Example: Shape API Defense Protecting Financial Services OFX API Calls

How API Defense Works

API Defense leverages Shape Security’s patented and proven two-stage detection and mitigation platform that powers the overall Shape platform.

  • Stage 1: delivers real-time detection and mitigation against known HTTP API attack types.
  • Stage 2: uses multiple stages of supervised machine learning to further analyze traffic to uncover new API attacks launched by attackers as they retool, and develop new detection and mitigation rules, which are then fed back into Stage 1.

Protect Your HTTP APIs Today

Protect your HTTP APIs from API data harvesting and malicious attacks that would otherwise result in large scale fraud, inflated cloud operational costs, and additional friction for your users.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Policy.