APIs Under Threat
- 31 May 2024
- 1 Minute to read
- Print
- DarkLight
- PDF
APIs Under Threat
- Updated on 31 May 2024
- 1 Minute to read
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
The APIs Under Threat page of API Protection provides information about the APIs under attack during your selected time period. It also provides details about the malicious behaviors and the corresponding threat actors.
The Statistics section on this page displays the following information:
Top malicious behaviors and the corresponding number of affected APIs.
Top 6 threat types
The top threat types are further classified into different categories based on:
Traceable identified threat type
CWE
This categorization helps you identify threats based on OWASP's industry standard definitions of API threats.
The APIs under threat page also provides a list of APIs that are under attack along with various other information. Traceable displays the name of the API under attack along with the API method.
Another important piece of information about the attack is the origin of the attack. If you see numerous attack requests from a specific country, you can block all the requests from that country. You can use Traceable's location-blocking option to block attacks originating from a location. Navigate to Protection → Settings → Custom Policy. Click on Add Policy and choose Malicious Sources to create the policy.
The page also displays the following for an API:
Total number of requests
Total number of threat requests and blocked requests
List of malicious behaviors
Latest malicious behavior
Threat Actors
You can view more information about the API under attack by clicking on the listed API Endpoint, for example, POST /cart. You can also click on Add Filter or choose from the Attributes on left to fine-tune the displayed results according to your requirements. For example, Malicious Behavior, Actor Country, and IP Organisation.
Additionally, you can click on the Actions drop-down and download the list of APIs under threat as a CSV file. While downloading, you can also select the number of rows you want to download from the list.
Was this article helpful?
