Astra API Security Platform
Written by Alex Armstrong   
Monday, 15 September 2025

Astra has launched a new API security solution that offers real-time visibility and automated pentesting to secure "zombie" and undocumented APIs before they can be exploited.

Astra Security's existing continuous security platform is already saving customers millions of dollars in potential data breach costs. Last year, it uncovered more than 2.8 million+ vulnerabilities, and this new solution expands on that to address "unchecked API sprawl," a growing problem for organizations undergoing digital transformation.

As Shikhil Sharma, co-founder and CEO of Astra Security, explains: 

“APIs continue to be the unguarded backdoor to corporate data. Automated security tools tend to focus on web applications, overlooking APIs. All the innovation happening in the AI world, with AI Agents to MCP servers, has APIs as its backbone."

The new Astra API Security Platform automatically discovers and scans these hidden APIs, which can include:

  • Zombie APIs: Abandoned or outdated endpoints that are easy targets for attackers.

  • Shadow APIs: Built outside official security controls, they can expose sensitive data and bypass governance.

The platform goes beyond reactive, siloed tools by providing proactive, automated protection. Most businesses lack a complete API inventory, and developers often don't run active security tests on the APIs they build. Astra's platform solves this by providing complete visibility and autonomously testing for vulnerabilities.

This video introduces its features:

 

Ananda Krishna, Astra Security's co-founder and CTO, adds,

"It’s essential to identify weaknesses before they lead to compromised data. By applying a hybrid strategy, our API Security Platform identifies security issues others miss, from misconfigurations and broken authentications to authorization flaws."

The most popular package API security Pro costs $499 per month and includes:

  • 60 API DAST scans per month with 15,000+ authenticated test cases
  • Integrations with tools like JIRA and Slack
  • Automatic re-scans of vulnerabilities after fixes
  • Continuous observability to detect orphan, shadow, and zombie APIs

There's a 15% saving for subscribing on an annual basis.

 astrasq2

More Information

Astra API Security Platform

Related Articles

What You Need to Know About API Security

 

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.

 

Banner

Node.js Adds Default Type Stripping
21/08/2025

The latest update to Node.js adds type stripping by default, along with other more minor improvements including the propagation of permission model flags on spawn; and a fix to allow correct handling  [ ... ]


+ Full Story
Oxlint Rust Powered Linter Reaches 1.0
26/08/2025

The first stable version Oxlint, a Rust-powered linter developed as part of the Oxc toolchain, has been released. The new linter promises a 50 to 100 times performance improvement over ESLint along wi [ ... ]


+ Full Story
More News

pico book

 

Comments




or email your comment to: comments@i-programmer.info

 
Last Updated ( Monday, 15 September 2025 )