Ctrlk
For the complete documentation index, see llms.txt. This page is also available as Markdown.

API Security

Our advanced API Security Module ensures continuous discovery and monitoring of APIs, enabling real-time identification and tracking of all types, including edge APIs.

API Security Module Overview

This provides organizations with comprehensive visibility into their API ecosystem, allowing for detailed analytics and enhanced security measures.

1. Continuous API Discovery:

  • The API Security Module constantly monitors your environment, discovering new APIs and tracking various API types, including edge APIs.

  • Continuous discovery ensures that any new or previously unknown APIs are identified in real time, reducing the risk of shadow APIs going unnoticed.

2. Dashboard and Analytics:

  • The dashboard provides a centralized view of all API endpoints and offers detailed analytics to monitor API performance and security.

  • The dashboard visualizes data, making it easier to identify trends, analyze traffic, and assess security issues across different API endpoints. This aids in proactive security management.

3. Detailed Examination of API Actions:

  • You get detailed insights into the actions performed by APIs, such as headers, query parameters, and body parameters.

  • This granular level of visibility helps security teams understand how APIs are being used and pinpoint potential vulnerabilities based on the data being transmitted.

4. Analytics:

a.)Endpoint Information:

Shows the method used (e.g., GET, POST) for each endpoint, the number of attacks detected, and traffic data. This helps monitor which endpoints are most vulnerable or most accessed.

b.)Attack Analytics:

Tracks attempted and successful attacks on APIs, helping to refine security policies.

c.)Traffic Analytics:

Monitors traffic to identify usage patterns or anomalies, which could indicate an attack or unusual behavior.

d.)Top IP Addresses/Countries:

Identifies the origin of traffic, helping you recognize potential threats from specific IPs or geographical locations.

e.)Status Codes:

Shows HTTP response codes, which help to understand if endpoints are functioning correctly or are facing issues (e.g., too many 404 errors).

Two Methods for Activation:

  • Onboarding Configuration: API security can be set up during the initial onboarding process to ensure security is embedded from the start.

  • Domain Settings: API security can also be activated or modified later through the domain settings, providing flexibility for adjustments as needed.

The API Security offers comprehensive tools to monitor, analyze, and secure your APIs. With continuous discovery, detailed analytics, and the ability to customize rules, it ensures that your APIs are protected against evolving threats, all while providing deep visibility into API performance and security.

PreviousTraffic AnalysisNextAttack Analytics

Last updated