API risk management
This page explains the meaning of risk score and threat index.
Traceable displays all discovered, under-discovery, and inactive APIs on the API Endpoints page for the selected time range. You can choose the time range from the top-level menu.
Traceable calculates and displays two actionable pieces of information about discovered APIs:
    Risk score - A normalized value between 1 and 10. The higher the score, the higher the risk to the API.
    Threat index - Each discovered API is assigned one of three threat levels: Low, Medium, or High.
Risk score and threat index are independent of each other. Both values can change over time as Traceable learns more about the API.

Risk score

Traceable calculates a risk score for each API, that is, for under-discovery and discovered APIs. The risk score denotes the likelihood of an API being vulnerable to attacks and the impact if the API is attacked. A high risk score does not necessarily mean that the API is under attack; it gives you insight into the changes that would make the API more secure. The risk score is calculated based on the following:
    Likelihood - The likelihood component of the risk score depends on whether:
      User requests are coming from a diverse set of IP addresses
      The API is an external API
      The API is unauthenticated
    Impact - The impact that an attack can have on business continuity. The impact component depends on whether:
      The request contains parameters
      The response contains sensitive data
      You have tagged the API as critical
      You have tagged the API as sensitive
You can view the risk score along with the reasons for the score on the DNA tab of the API Endpoint details page. You can navigate to the details page by clicking on the API under the Name column on the API Endpoints page.
Threat index

The threat index indicates the level of threat activity on each API. An API with a low risk score can have a high threat index, and an API with a high risk score can have a low threat index. Traceable determines the threat index after considering various parameters, for example, the threat actors targeting an API, event severity, attacks blocked on an API, and so on.
The threat index can change over time based on threat mitigation actions you may take on APIs. Traceable also keeps monitoring the APIs and may change the threat index based on new information it processes.
You can view the threat index on the API Endpoints landing page under the Threat Index column.
Under-discovery APIs do not have a risk score and threat index.