Upstream’s Automotive and Smart Mobility API Secuerity

Additional Info

CompanyUpstream Security
Company size (employees)100 to 499
Headquarters RegionMiddle East
Type of solutionCloud/SaaS


With connectivity, software-defined vehicles and smart mobility applications on a sharp rise, API vulnerabilities may have a dramatic impact on vehicle cybersecurity posture and safety. Upstream’s API Security solution is purpose-built for smart mobility use cases, layering API discovery and monitoring with best-of-breed detection and response to protect against direct and third-party vulnerabilities, attacks, misconfigurations, and design flaws.

*API Catalog and Attack Surface Discovery*
The solution is designed to discover and ingest information on billions of API transactions and maintain a running profile of all APIs, applications, and services. In the discovery process, the platform ingests and models API information into a standard structure. Then API calls, verified using a custom algorithm, are compared to the created profile to identify and detect anomalies and outliers. This continuous process supports the discovery of API behavior as they develop and evolve. All discovered APIs are added to the API catalog, where the profiling process begins.

*API Transactions Performance Monitoring & Shift Left*
The solution increases security posture and development velocity with continuous monitoring of APIs for any misconfigurations or impacts on vehicle or mobility asset functions, correlated in real-time with Upstream’s digital twin. The platform enables users to view triggered alerts and gain insight into monitored APIs. The platform also enables decision-makers and analysts to identify and deeply understand trends and high-risk APIs that might be more vulnerable or prone to quality issues.

*Contextual Anomaly Detection*
Effectively detecting and mitigating cyber attacks is a core capability of the solution, which includes multiple attack detection strategies. The solution expands beyond OWASP Top 10 risks and leverages Upstream’s digital twins of the vehicle, consumer, and applications. To detect unknown threats, the platform utilizes proprietary algorithms, event chains, and machine learning capabilities to ensure the protection of services and assets.

How we are different

- Agentless solution with fast time-to-security: The solution leverages existing connected vehicle and mobility data streams to offer a comprehensive and actionable view of all assets to deliver effective discovery and prioritize risks and triggers. The platform can be installed in any cloud environment and doesn't require any software or hardware installations in vehicles.

- Contextual API Security: The contextual impact of API transactions is critical for effective anomaly detection. With robust digital twins, live digital representations of the state of vehicles, consumers, applications and other related assets, Upstream offers a comprehensive view of all assets impacted in real-time for contextual detection.

- Purpose built for automotive and smart mobility applications: The platform integrates deep automotive and mobility expertise that set it apart from other IT-driven API security solutions. Unlike IT infrastructure and applications, in the mobility ecosystem API transactions have an effect on safety and therefore require a different approach. Automotive and Smart Mobility applications also generate massive amounts of transactions which require unique data engineering and analytics technology to support continuous API monitoring and anomaly detection.