.png)
Cequence Security has announced general availability of Cequence Platform 9.0, an AI-native release that changes how users interact with API security tools.
Platform 9.0 ships with a built-in AI Assistant, an open Model Context Protocol (MCP) server that exposes every platform capability to an organisation’s agents or automation workflows, a compliance-ready risk rules library mapped to 25 global regulatory frameworks, and a re-architected API security engine built to handle the largest enterprise API estates without performance degradation.
Agentic AI is transforming how enterprises interact with their customers, and internal IT teams are adopting AI agents faster than their security tools can keep up. Unlike vendors that add a simple chatbot to their existing product, Cequence took the opposite approach; the entire platform is AI-native and open, enabling customers to use Cequence’s built-in model or one of their choosing.
With Platform 9.0, any practitioner can open a conversation and start asking the questions they actually care about, without knowing the interface, navigating menus, or understanding how the product works. The platform finds the answers. Teams with sophisticated AI workflows can use their own agents to directly drive these same capabilities through the open MCP architecture, with no custom integration required.
Ameya Talwalkar, CEO at Cequence, said: “Most vendors looked at the agentic era and added a chatbot. We looked at it and rebuilt the architecture. Cequence Platform 9.0 exposes the entire Cequence platform through an open MCP architecture so any agent can operate it directly, whether through our built-in AI Assistant, or a customer’s own agent. That is what AI-native actually means: the UI becomes optional. We are building for the way the agentic enterprise already works, while making sure a human approves every change along the way.”
AI-native platform with a built-in AI assistant
Cequence Platform 9.0 ships with a built-in AI Assistant that answers plain-language questions such as “What is my biggest risk right now?” with ranked, evidence-backed findings drawn from live platform data. Unlike most security chatbots that only deliver value in the hands of experienced practitioners, the Cequence AI Assistant arrives with skills built on years of application, API, and data protection work in high-traffic enterprise environments, able to guide practitioners of all skill levels from day 1.
Agent capabilities in Platform 9.0 include:
- Drive valuable actions from simple conversation: use plain-English to easily and quickly drive results. The possibilities are endless. Have the AI Assistant classify APIs, identify risks, draft rules, and create reports, all without navigating the UI.
- Open MCP server: any MCP-capable agent, SOAR platform, or automation workflow can interact with, configure, and pull insights from the platform through an open API contract, with no custom integration, incorporating API security into broader agentic workflows
- Human in the loop: read actions run freely; every proposed write shows the exact change and requires explicit human approval before anything happens
- Full transparency: every answer exposes the AI Assistant’s reasoning and the underlying tool calls; when it lacks a tool for a task, it says so rather than guessing
“Most security chatbots are only as useful as the person asking the questions, which means they fall flat in the hands of anyone who is not already an expert. We built the Platform 9.0 agent differently. It runs a full agentic loop, planning which tools answer the question, calling them, and synthesising ranked, evidence-backed recommendations while showing you exactly how it got there. When it does not have the tool to do something, it tells you instead of guessing. That governance-first design is not an afterthought. It is the same conviction behind the Cequence AI Gateway, and it is what makes this safe to put in front of any practitioner on Day 1,” said Shreyans Mehta, CTO at Cequence.
Compliance-ready risk rules and compliance packages
Compliance is the most common forcing function for an API security purchase, and the most common place programs stall. Platform 9.0 ships the rules, frameworks, and reports to make customers audit-ready immediately, with no professional services and no custom rule development required.
Compliance capabilities in Platform 9.0 include:
- 250+ pre-built risk rules: more than four times the previous version, mapped to 25 global compliance frameworks including OWASP API Security Top 10 (all versions), PCI DSS, GDPR, HIPAA, SOC 2, ISO 27001, NIST CSF, DORA, NIS2, LGPD, SAMA, MAS TRM, and additional regional frameworks across the Americas, EMEA, and APAC
- One-click audit-ready reports: each report builds from live data, maps findings to the framework’s specific controls, scores risk by control area, and provides remediation guidance for every gap; reports can be company or partner branded
Observe mode: see how proposed rules perform for testing purposes without raising formal issues, allowing teams can add frameworks without a flood of unreviewed findings - Test panel: validates any rule against sample request and response data before activation
Re-architected API security engine built for enterprise scale
Agentic AI is accelerating API endpoint growth faster than any prior technology wave. Platform 9.0 includes a complete rebuild of the engine that discovers, catalogues, and scores risk across an organisation’s API estate, delivering higher performance at a smaller CPU footprint.
API security engine improvements in Platform 9.0 include:
- 50x increase in API endpoints supported: with sub-five-second page load times across every view regardless of endpoint count
- Reduced compute costs: CPU footprint improvements translate directly into lower infrastructure costs, especially for on-premise deployments
from Help Net Security https://ift.tt/7Q1PabI
0 comments:
Post a Comment