As more and more business-critical applications are exposed via APIs, operations teams need visibility into security attributes of APIs to ensure adherence to security policies and compliance requirements, protecting sensitive data, and identifying security incidents. API security report, which are currently in beta, are graphical representations of runtime and configuration data about your proxies and shared flows. This feature will greatly help operation teams in their Edge UI. There are three main functionalities Apigee Edge’s API Security Reporting function has aimed to improve; security compliance, data protection, and precision diagnosis.
Apigee’s API Security Reporting function addresses the design time governance of your product. This ensures that your developers are building APIs that incorporate all the policies that are required by your compliance teams. Before these reports, the security/compliance team would need to manually review each individual proxy and shared flow to determine if it was in compliance with the organization's security policies. This was extremely labor intensive and prone to errors. In many cases, customers think the APIs that are constructed are automatically adhering to the security policies only to figure out that’s not the case when you come across a security incident that is discovered related to the proxy. For example, when it is discovered that a proxy is not validating API keys and thus could be allowing public access to sensitive information.
Most organizations will have hundreds of API proxies setup in Edge. This new feature allows your users to identify proxies that don’t adhere to traffic, security, and extension policy requirements. Previously, someone needed to manually review these one-by-one to collect the information that is now displayed in the new reports. This can save hours of manual reviews and allow for more frequent monitoring of the security compliance of an organization's API proxies. Now, they’ll be able to review the shared configurations and revisions for proxies while also analyzing virtual hosts and ports with HTTPS and non-HTTPS traffic. Your proxies and shared flows can now be configured to the security-related policies, such as OAuthv2, SpikeArrest, and FlowCallout.
Enterprises store a lot of sensitive data in their APIs and API platform; developer information, trace sessions, API keys, etc. All of this information is vulnerable to abuse from both internal and external users. API Security Reports allow administrators to closely monitor your organizations user access to sensitive information, while detecting any other suspicious behavior or security incidents. It provides insights into trends and activities that could indicate malicious use, such as a single user retrieving excessive amounts of data.
Once an incidents or behavior has been detected, the function will quickly resolve the problem at hand. The User Activity report lets you select an amount of time and based on that will show you all of the users who have accessed the organization, the number of logins, and give you a percentage of sensitive operations. If a specific user has a higher percentage of sensitive operations, you would know instantly to restrict that users permissions.
This function addresses the runtime governance of your APIs. It identifies anomalies, or unexpected changes in the use of your proxies, in your traffic patterns and the applications that are causing them. For example, you can see that a proxy normally averages around 1000 requests per day, but there is a 15-min period where it received 10,000 requests. That would be an anomaly that needed to be investigated. From there it can distinguish your secure traffic vs. a potential threat and analyze which applications and backend targets are being affected. It’s main purpose is to identify the root causes to those anomalies, operations teams find it very useful for overall regaming meantime to diagnose the issue at hand and take action. Previously, it was much more of a manual process trying to extract relevant data from other logs or analytics sources.
As premier partners of Apigee, Achieve Internet stays up to date with the latest released features and updates. This feature in particular will ensure adherence to security policies and compliance requirements, protection of sensitive data, and the ability to identify, diagnose, and resolve your security incidents. As more and more business-critical applications are exposed, it’s important to now be able to see the security attributes of those APIs.