Posture Events
- Updated on 05 Jul 2024
Posture Events in API Catalog capture certain events, such as vulnerability discovery, API discovery, changes to an API's risk score, sensitive data discovery, and so on. These events can be seen on the Posture Events page for your selected time duration and environment. The page shows the following for each event:
Component | Description |
---|---|
Type | The type of change event occurring in your application. For example, Sensitive Data discovery. |
Description | The description of the event. |
Notification | The icon that indicates whether notifications are enabled for that event type. For example, the notification icon corresponding to a Sensitive Data event in the screenshot below. |
Info | The link to view detailed information about the event. |
Time | The time at which Traceable observed the event. |
The events are displayed in reverse chronological order by default, with the latest event at the top.
The following table lists the events that Traceable captures:
Event | Description |
---|---|
Risk Score Change | If the risk score category of an API changes. For example, the risk score of an API changes from 2 to 3, making it a Medium risk API from a Low one. |
Service Discovery | If Traceable discovers a new service in your application. For more information, see Domains and Services. |
Vulnerability Discovery | If Traceable discovers a new issue (vulnerability) in your APIs. For example, the Lack of Encryption vulnerability in an API. For more information, see Issues. |
Domain Discovery | If Traceable discovers a new domain in your application. For more information, see Domains and Services. |
Backend Discovery | If Traceable discovers a new backend in your application. |
Third Party Domain Discovery | If Traceable discovers a new third-party service in your application. For more information, see Third-party. |
Third Party API Discovery | If Traceable discovers a new third-party API in your application. For more information, see Third-party. |
Sensitive Data Discovery | If Traceable discovers sensitive data flowing through your APIs that was not flowing earlier. For example, Credit Card PIN. For more information, see Sensitive Data. |
API Discovery | If Traceable discovers learned API endpoints in your application. For more information, see API Endpoints. |
Sensitive Data sent to 3rd Party APIs | If Traceable discovers that sensitive data is being sent to a third party. For example, Credit Card details. For more information, see Third Party. |
Vulnerability Status Change | If Traceable discovers any change in the vulnerability status. For example, a vulnerability status change from Open to Under Review. |
You can click the icon in the Info column corresponding to any event to view its details; however, the details depend on the event type you click on. For example, upon clicking on a Vulnerability Discovery event type, the page displays the issue along with its details, such as source, severity, CVSS score, the API endpoint it was found in, and its mitigation suggestions.
Traceable also allows you to fine-tune the events present on the Posture Events page by filtering the data according to your requirements, for example, event type, endpoint name, and so on. You can add as many filters as you wish to drill down or search for a specific event. Once you have filtered the events based on your search criteria, you can view the detailed information by clicking on the specific event. You can also click on the Download icon in the page’s top right corner to download the list of events as a CSV file. While downloading, you can also select the number of rows you want to download from the list.
Along with the above features, you can also set up custom notifications that you want to receive for specific event types. For the steps to do this, see Notification. Once done, Traceable shows the notification icon corresponding to the event type, as shown in the screenshot above.