parallax background

Our Unique API
Deep Message Analysis Engine

parallax background's API security and analytics platform addresses all concerns for APIs in production: discovery, hacking, API abuse, and misconfiguration.

Unlike other approaches that require endless rules updates or software agents,'s plug and play solution allows companies to protect both legacy as well as modern APIs, and defend the business processes they power. ensures that APIs are being used as intended.

Our Deep Message Analysis Engine

We uniquely use Information theory principles combined with advanced machine learning algorithms to perform deep message analysis and measure "entropy" - the amount of unique information carried in the API payload. We continuously identify and monitor API calls, sessions and users to detect anomalies.

Parse API Traffic: Unpack the protocol stack, allowing full 7-layer deep message analysis

Detect APIs: Discover and catalog APIs and compare them with ingested API schemas

Calculate Entropy: Discover unique and relevant content using our patent-pending engine

Learn and Alert: Perform multi-dimensional profiling on calls, sessions, users, IPs and APIs using our proprietary machine learning engine to flag high-value anomalies

PII and PHI Protection: Detect the presence of credit cards, social security numbers, health records and other PIIs and PHIs to strengthen regulatory compliance

Harden Business Processes: Detect violations of Open Banking, and other financial and healthcare standards

Filter: Ignore benign and repetitive information

Match: Match each resource with previously-learned profiles

Identify differences: Perform edit distance comparison, find PIIs and PHIs

Compute: Determine the amount of the changed and useful information

Cross-Correlate: Compare multi-dimentional profiles to reduce false alerts

OWASP API Top 10: Identify the flag key anomalies

Business Process: Protect business processes by including process-specific anomalies

Deploy in Minutes. Zero Performance Impact monitors your API traffic through a tap, a monitor port or a reverse proxy. We do not add any latency to API calls or the business processes they support. When needed, we can also deploy as forward proxy to identify and sanitize APIs with sensitive information.

The system automatically sniffs and learns the profile of calls, sessions, users, IP addresses and API endpoints. It requires no configuration and no rule updates. Like a good wine, it becomes better and better over time by understanding the business logic and identifying areas of interest.


Our system can scale from the simplest configurations to monitoring Fortune 100 enterprises.

It can secure APIs that are consumed by the enterprise, APIs that are produced by the enterprise as well as SaaS cloud-to-Saas Cloud API communications.

On-Premise, Cloud or Hybrid Configuration

The system can work equally well on-premise or on the cloud. We can even deploy between clouds or SaaS providers so that you can secure the information exchanged between them. We support all major cloud providers as well as a variety of on-premise or hybrid deployment models.

Request a demo