API Catalog
- Updated on 07 Nov 2024
Traceable's API Catalog gives you both a high-level and a detailed view of your API ecosystem. It helps you discover and understand the APIs that pass through your API gateways, as well as shadow and zombie APIs. Shadow APIs are APIs that your API management and governance systems have missed; such APIs can be a security risk to your organization. Zombie APIs are APIs that have been replaced by newer versions but whose older versions were never removed from operation; because these APIs are forgotten, they pose a security threat to your organization. API Catalog discovers such unaccounted-for APIs in addition to your other APIs, and it helps your development and security teams stay up to date with changes to your APIs and with newly discovered APIs.
Using API Catalog, you can get a clear view of external and internal APIs, as well as authenticated and unauthenticated ones. The catalog also provides information about sensitive and non-sensitive data. In addition to displaying different kinds of information about your APIs, Traceable makes this information actionable. For example, if you see a specific API being accessed more than expected, you can set rate limits on it; if you see an API being attacked or misused, you can block the user, and so on.
Using Traceable's API Catalog, security teams can view the OpenAPI specification that Traceable generates. You can also download the OpenAPI spec and use it with your other applications.
The following diagram shows a high-level view of what API Catalog encompasses:
API Discovery
Traceable discovers edge APIs as well as internal APIs and services in your infrastructure. API endpoint discovery is a multistep process in which Traceable builds a learning model by observing the URLs, headers, and request and response bodies in each span. During discovery, Traceable identifies malicious or junk traffic and automatically skips API creation for it, which reduces the number of invalid APIs being created.
Note
Traceable discovers APIs only upon receiving successful response codes (between 2xx and 3xx).
API discovery is a multi-stage process. When Traceable completes the discovery process, it identifies an API as a combination of a method and a valid path. For example, GET /products/catalog is a different API than POST /products/catalog. The following are the high-level stages of the discovery process:
- A non-error API response code is detected, and the API discovery process starts.
- Traceable starts learning about the API and names it based on the method and URLs that it detects. You can rename the APIs later. For more information, see API Discovery.
- APIs are categorized based on the types of users and the user requests.
- Traceable continues to learn about the newly discovered APIs and starts detecting attacks and anomalies on them. During this learning period, Traceable calculates and sets the thresholds for attack and anomaly detection.
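The discovery logic described above, as an added Python example that is not Traceable's own code: it derives catalog entries from constructed spans (only 2xx/3xx responses count, and each method plus path is a distinct API) and then flags shadow APIs (seen in traffic but absent from a governance inventory) and zombie APIs (inventory entries marked deprecated that still receive traffic). The span tuple shape, the inventory dictionary and its deprecated flag are assumptions.

```python
from collections import Counter

# Constructed spans: (method, path, HTTP status) as an observer would see them.
SPANS = [
    ("GET", "/products/catalog", 200),
    ("GET", "/products/catalog", 200),
    ("POST", "/products/catalog", 201),   # same path, different method
    ("GET", "/v1/orders", 200),           # older version still receiving traffic
    ("GET", "/v2/orders", 200),
    ("GET", "/internal/debug", 200),      # not in the inventory
    ("GET", "/notfound", 404),            # scanner noise: non-success, skipped
    ("GET", "/products/catalog", 500),    # error response: not counted
]

# Constructed inventory from an API management system: endpoint -> deprecated?
INVENTORY = {
    ("GET", "/products/catalog"): False,
    ("POST", "/products/catalog"): False,
    ("GET", "/v1/orders"): True,          # replaced by /v2/orders, never retired
    ("GET", "/v2/orders"): False,
    ("DELETE", "/v2/orders"): False,      # documented but never observed
}

def discover(spans):
    """Count successful (2xx/3xx) responses per (method, path). An API is a
    method plus a path, so GET and POST on the same path are distinct."""
    seen = Counter()
    for method, path, status in spans:
        if 200 <= status < 400:
            seen[(method, path)] += 1
    return seen

def classify(discovered, inventory):
    """Shadow: observed but unknown to governance. Zombie: marked deprecated in
    the inventory yet still serving traffic. Sorted for stable output."""
    shadow = sorted(api for api in discovered if api not in inventory)
    zombie = sorted(api for api in discovered if inventory.get(api))
    return shadow, zombie

if __name__ == "__main__":
    found = discover(SPANS)
    for (method, path), n in sorted(found.items()):
        print(f"{method:6} {path:20} samples={n}")
    shadow, zombie = classify(found, INVENTORY)
    print("shadow APIs:", shadow)
    print("zombie APIs:", zombie)
```

The sample count per entry is the kind of signal a catalog can use to decide whether an API is still learning or learnt.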
The information gathered through API Discovery includes:
- API Activity
- API Endpoints
- Application Flow
- Domains and Services
- Backends
Traceable uses the following icons to show whether the various parameters of an API (the API DNA) have been learned or are still under learning:
- Learning
- Learnt
When you hover over these icons, Traceable provides additional information about whether the API DNA is learned or under learning. For example, if the API DNA is under learning, Traceable displays a message similar to the one shown. This means that you need to send more traffic for Traceable to learn the various parameters of the API:
If the API DNA is learned, Traceable displays a message similar to the one shown:
API Risk
API Catalog also gives you insights into API risk. Knowledge of the vulnerabilities that Traceable detects and of the sensitive data flowing through your APIs helps you understand the risk to your APIs. Traceable provides:
- New Data Types
- Sensitive Data Types
- API Endpoints with sensitive data types
Vulnerabilities are security gaps in your API definition that threat actors may exploit to attack your API infrastructure. Traceable provides detailed information about the vulnerabilities and suggests mitigation options to close those gaps in your APIs.