When researching the latest security trends, there is a common thread that is increasingly topical: the rise of automated hacking.

The use of automation in hacking has increased significantly and the response needs to be considered accordingly.

While the use of automation is not necessarily new, companies have inadvertently increased their attack surface over time and, to this extent, the complexity and advancements of the attacks require a different defensive approach.

Visit www.port443.co.za for more information

To support the growth aspirations of the business, the ICT landscape needs to evolve continuously. These include strategies relating to digital transformation, the increasing prevalence of connectivity to third parties, cloud-native applications, and the support of remote working. The corresponding ICT “sprawl” and complexity contribute to the challenges associated with mitigating attacks across the ever-evolving estate.

As the prevalence of API-supported technologies increases, two things should be considered.

By virtue of the fact that more and more applications have APIs, there is a corresponding increase in the attack surface exposed for exploitation.
With the increase of available APIs across mainstream security controls, there exists the ability to use these APIs in conjunction with automation platforms to improve the efficacy of the cybersecurity posture, and the defensive response.

The prevalence of the API economy can be taken advantage of when it comes to risk mitigation, management, oversight and control.

The National Institute of Standards and Technology (NIST) recommends the phases for the framework of incident response as follows.

Preparation
Detection and analysis
Containment, eradication and recovery
Post-incident activity

Using a security orchestration, automation and remediation (Soar) platform, the speed and accuracy with which these phases can be executed increase materially. A Soar platform integrates with cybersecurity controls via APIs. In so doing, the efficacy of the response to incidents can be significantly enhanced.

The preparation phase can be supplemented with automation relating to the continuous hardening of the configuration of controls according to best practice, thereby lowering the probability of an incident occurring in the first place.

The detection and analysis phase can be supplemented with automation via embedded threat intelligence feeds, contextualising the threats and reducing false positives. This, in turn, allows for a focus on true positives and false negatives, reducing analyst load and alert fatigue.

In terms of the containment and eradication phase, a Soar platform with appropriately configured playbooks will enable immediate containment, allowing for additional time to eradicate and recover.

This needn’t be a costly exercise.

While Soar platforms in and of themselves can be costly, and the skills required to develop thereon are scarce, Port443 offers these capabilities “as a service”, easily consumed across your ICT estate as a fully managed capability.

Visit www.port443.co.za for more information, e-mail [email protected] or connect with us on LinkedIn.

This promoted content was paid for by the party concerned

Global network rankings put just one SA operator on the map

South African CISOs are facing a burnout epidemic

Telkom tops 25 million mobile subscribers as data growth surges

BCX CEO Jonas Bogoshi to retire after seven years at the helm

The biggest thing missing from the state of the nation address

Russia bans WhatsApp

EU regulators take aim at WhatsApp

Musk hits brakes on Mars mission

Crypto firm accidentally sends R700-billion in bitcoin to its users

AI won’t replace software, says Nvidia CEO amid market rout

How liberalisation is rewiring South Africa’s power sector

The top-performing South African tech shares of 2025

Digital authoritarianism grows as African states normalise internet blackouts

TechCentral’s South African Newsmakers of 2025

Black Friday goes digital in South Africa as online spending surges to record high

Watts & Wheels S1E4: ‘We drive an electric Uber’

TCS+ | Cloud On Demand and Consnet: inside a real-world AWS partner success story

Watts & Wheels S1E3: ‘BYD’s Corolla Cross challenger’

Watts & Wheels S1E2: ‘China attacks, BMW digs in, Toyota’s sublime supercar’

TCS+ | Why cybersecurity is becoming a competitive advantage for SA businesses

A million reasons monopolies don’t work

Eskom unbundling U-turn threatens to undo hard-won electricity gains

South Africa’s skills advantage is being overlooked at home

Why Elon Musk’s Starlink is a ‘hard no’ for me

South Africa’s new fibre broadband battle

The rise of automated hacking, and the API response

Visit www.port443.co.za for more information

How automation can help fix the cybersecurity skills void

Port443: providing automated visibility, insight and validation

Cybersecurity: It’s how you react that matters

Vox Weather viewer numbers continue to climb across tech platforms

Vivo launches X300 flagship series in SA with 200MP Zeiss cameras

Cell C delivers maiden results with growth momentum, financial flexibility

A million reasons monopolies don’t work

Eskom unbundling U-turn threatens to undo hard-won electricity gains

South Africa’s skills advantage is being overlooked at home

Global network rankings put just one SA operator on the map

Vox Weather viewer numbers continue to climb across tech platforms

South African CISOs are facing a burnout epidemic

Vivo launches X300 flagship series in SA with 200MP Zeiss cameras

Subscribe to the newsletter

The rise of automated hacking, and the API response

Visit www.port443.co.za for more information

Related Posts