Graylog Acquires API Security Solution to Strengthen Threat Detection and Response

Graylog, a global provider of SIEM and log management solutions, is acquiring’s data-driven API security platform, broadening Graylog’s security portfolio and delivering a comprehensive API security Threat Detection and Incident Response platform.

By building integration points between the Resurface API solution—that captures complete API traffic data for insights into attacks and threats—and Graylog’s existing SIEM solution, customers will benefit from seamless API security monitoring, threat detection, and incident response capabilities, according to the company.

“APIs have rapidly become a favored attack surface for cyber criminals. Yet, not unlike the 'emperor has no clothes' fable, most APIs are exposed due to lack of security monitoring, authentication issues, and other vulnerabilities,” said Graylog CEO Andy Grolnick. This has led to the theft of millions of personal records (PII), ransomware, and other damaging attacks. What is needed is a purpose-built API security solution that is focused on the detection of and response to API-specific threats, working in concert with a SIEM to provide a more complete defense.”

According to the company, unlike other API solutions, Graylog API Security works with existing Web Application Firewall (WAF) and API gateways to provide an additional layer of defense that can also address sophisticated attacks from authenticated users who often gain entry as trial users, partners, and even paying customers.

This minimizes disruption to the security team with improvements to the organization’s overall security posture achieved in minutes.

Key Advantages of Graylog’s API Security solution include the following: 

  • Guided threat detection and response - Out-of-the-box alerts that include clear explanations and actionable steps finely tuned to each API, including OWASP Top 10 coverage.
  • Continuous, uninterrupted monitoring - Runtime scanning provides real-time threat detection without impacting app performance no matter how many threat signatures are checked.
  • Full request and response payload - Goes beyond request header data, sampling, and modeling to enable precise alerts, efficient retroactive threat hunting, incident investigation forensics, and insightful trend analysis.
  • Secure self-managed solution - Keeps sensitive data in-house, avoids third-party disruptions and PII concerns, and eliminates the hassle and red tape of SaaS security reviews.
  • Effortless implementation and maintenance - The self-contained security data lake and modern Kubernetes architecture makes Implementation and maintenance easy and cost-effective for even smaller enterprises.

“I am thrilled to become a part of Graylog and help contribute Resurface’s expertise in API security to their innovative portfolio,” said Rob Dickinson,’s founder. “’s solution takes a SIEM approach to solving the API Threat Detection issue, so there are many synergies. The Resurface API technology and solution will enable Graylog to reach a broader audience, accelerate product advancements, and provide customers unparalleled API ecosystem protection.”

For more information about this news, visit