- 28 Jul 2022
- 1 Minute to read
- Updated on 28 Jul 2022
- 1 Minute to read
The Threat Activity page under Traceable's API Protection provides you with high-level as well as detailed information related to various threats on your APIs. The summary section provides information based on all the logged and blocked activity along with the top detected threats. The summary section is further divided into sections based on:
- Malicious activities
- Malicious sources
- API abuse
The top threat types are further classified in different categories based on:
This categorization helps you in identifying threats based on OWASP's industry standard definitions of API threats.
Detailed threat activity view
You can view in-depth and detailed information about threat activity by filtering based on different API attributes, for example, Endpoint name, Service name, threat actor country, and so on. You can add as many filters as you wish to drill down or search for a specific threat activity. Once you have filtered threat activity based on your search criteria, you can view the detailed information by clicking on the specific threat activity.
The detailed information about threat activity gives you information such as when it was first and last detected, the total number of requests, the affected end points, the different threat actors involved in that threat activity, and so on. You can further drill down on an individual request to view information about payload and session information. In the session information, Traceable provides a detailed information about the request made to the affected endpoints and services. You can further drill down to fetch information about each request to the affected endpoint. Following is a clickable demo showcasing the various in-depth information that Traceable provides about the threat activity in your API ecosystem.
The Request Timeline displays the number of requests received during a specific time period. You can click on that circle to narrow down your search for that specific time period.