API Security

Cisco Panoptica evaluates API sites used by workloads in your environments, and assigns a risk score to them. This includes external API sites and internal API traffic between workloads.

The APIs page shows inventory of APIs used by your workloads. The External APIs tab shows external API sites used by your workloads, while the Internal APIs page shows API traffic between workloads. These lists are created and updated automatically by Panoptica.

Panoptica evaluates the risk associated with each API and indicates this, along with security findings that it discovers for the API.

You can upload API specs to Panoptica (OAS format) for the APIs used by workloads, whether internal or external. These are analyzed, and contribute to the risk scores.

You can also evaluate compliance of APIs to API Policies , for both internal and external APIs.

Panoptica also performs a trace analysis on actual API traffic (again, both internal and external), to identify security issues, and uses this in calculating the risk scores.


What’s Next