Prophaze
  • What is Prophaze AppSec Platform? How it works?
    • Performance
    • SSL Termination
    • Modes of Operation
  • Prophaze AppSec Best Practices
  • Application Onboarding
    • Account Creation
    • Deployment Models
      • Cloud
      • On-Premise
      • Kubernetes Deployment
    • Multi-Cloud Setup
  • DASHBOARD UI OVERVIEW
    • Dashboard
    • Traffic Analysis
    • API Security
    • Attack Analytics
    • DDOS Attacks
    • Rules Page
    • Bot Mitigation
    • Anomaly Detection
    • Reporting
    • Attack Types
    • Incidents
    • AppSec Toggle Mode
    • SSL Certificate
  • HTTP Support
    • Encoding Types
    • Protocol Validation
  • Protection Use Cases
    • HTTP Protocol Violation
    • Protocol Anomalies
    • Bot Detection
    • Injection Prevention
    • HTTP Request Smuggling
    • HTTP Response Splitting
    • XSS Prevention
    • LFI and RFI
    • Session Fixation
    • SQL Injection Prevention
    • Layer 7 Dos Attack Prevention
    • PHP Application Protection
  • Detection Techniques
    • Normalization
    • Negative Security Model
    • Signature and Rule Database
  • FAQ
    • Onboarding Process
    • Dashboard Terminology
    • Attack Section
    • Rule Set
    • Traffic 360: General Traffic Logs
    • ML Based Bot Mitigation
    • Generating Reports
    • Anomaly Detection
    • General
  • Software Updates
    • Release Notes v2.3.0
  • Release Notes v2.4.0
  • Release Notes v2.5.0
  • API Security Dashboard
    • API Security Features of Prophaze
    • API security scoring
    • Host-Based API Quality Score
    • How to Enable API Security and Dashboard
    • API Security Section
  • CVE
    • CVE-2024
    • CVE-2023
    • CVE-2022
    • CVE-2021
    • CVE-2020
    • CVE-2019
    • CVE-2018
    • CVE-2017
    • CVE-2012
    • CVE-2011
    • CVE-2009
    • CVE-2008
    • CVE-2001
Powered by GitBook
On this page
  • 1. Introduction
  • 1.1. New Features
  • 1.1.1 API Dashboard
  • 1.1.2 Settings
  • 1.2. Improvements

Was this helpful?

Release Notes v2.4.0

PreviousRelease Notes v2.3.0NextRelease Notes v2.5.0

Last updated 14 days ago

Was this helpful?

1. Introduction

This release introduces new features and improvements to the product. The updates include:

1.1. New Features

1.1.1 API Dashboard

A new opt-in, dedicated API Security Dashboard has been introduced for API Security applications. The new API dashboard feature can be activated through the settings page.

The following are the features of the API dashboard:

1. Endpoints at risk widget: A view displaying the top 10 at-risk API endpoints. The following factors determine the risk for each endpoint:

  • Attack traffic

  • 401 errors (Unauthorized)

  • 403 errors (Forbidden)

  • Other 40X errors can also be considered

The risk score is calculated by assigning weightage based on the listed priority, with attack traffic being the most significant factor, followed by the others in order.

2. Geolocation chart: A geolocation graph that illustrates the distribution of API traffic across various countries.

3. Malicious vs suspicious traffic comparison chart: A graph that compares malicious vs suspicious traffic for a single host/domain.

  • Suspicious traffic includes 401 (Unauthorized) and 403 (Forbidden) errors.

  • Malicious traffic represents attack-related traffic.

Additionally, the total traffic can be compared, provided it does not clutter the visualization.

4. Top attack types chart: A bar chart displaying the top 10 types of attacks.

5. Top recent attack metrics widget: A view illustrating the latest attacks targeting an API endpoint.

6. Most consumed API endpoints widget: A bar chart displaying the top 10 endpoints with the highest traffic, based on 2xx and 3xx status codes only. Other status codes represent invalid requests.

7. API quality score widget:

A quality score is assigned to a host, independent of specific API endpoints. This score will be calculated based on the following criteria:

  1. Response Content Type (JSON/XML)

a.Evaluate the content type of responses from discovered API endpoints. The ideal response should be in JSON or XML format. Any responses with text/HTML or other invalid content types will negatively impact the score.

  1. Number of Error Codes vs. 200 Status Codes:

a.A higher ratio of error status codes (4xx, 5xx) compared to successful 200 status codes will lower the quality score. Frequent errors suggest a poorly functioning API.

  1. Average Response Time:

a.A threshold value will be established. Any response time exceeding this threshold will be considered poor and negatively affect the score, while times below the threshold will contribute positively.

  1. Average Content Length:

a.A threshold value will be established. Any response time exceeding this threshold will be considered poor and negatively affect the score, while times below the threshold will contribute positively.

  1. HTTPS Traffic:

a.The score will also take into account the use of HTTPS traffic, as secure communication is a best practice. Traffic using HTTP instead of HTTPS may be penalized.

This quality score will provide a comprehensive view of the overall health and reliability of the host, factoring in both performance and security metrics.

8. Resource-heavy endpoints widget: Displaying endpoints with high response times and large content lengths may suggest that these API endpoints are handling resource-heavy backend operations.

9. Error rate graph: A time series graph depicting the error rate of a host, where the error rates are based on traffic logs containing error status codes such as 40Xs, 50Xs, and similar.

10. Response time graph: A time series graph displaying the response time of a host over a specified time period.

11. New Endpoints Discovered widget: A card view highlighting newly discovered API endpoints. The data will be filtered to show only those endpoints that have been discovered within the past week (i.e., within the last 7 days).

1.1.2 Settings

1. Security Header toggle HSTS:

Two States:

  • Enabled

  • Disabled

Default State:

  • Disabled

When Enabled, the following options will be available:

  • Preload Option: Preload is a feature that allows your website to be included in the HTTP Strict Transport Security (HSTS) preload list maintained by major browsers like Chrome, Firefox, and Safari.

  • Include Domains: This option enables you to specify additional domains or subdomains that should also be subject to the same HSTS policy.

2. Displaying more data on the activity log:

The activity log now includes the following information:

  • Name of the account making the change, along with the IP address.

  • The login and logout times for the account

1.2. Improvements

Displaying cluster name on the Load Balancer page. Also, the user can change the cluster easily with the new cluster switcher available on this page.