API Security Deployment

Onboarding your API Security to Panoptica is a two-step process. You first deploy the API Security Controller in your cluster. Then you attach the Trace Sources by deploying a plugin to your API gateway.

Panoptica's API Security controller is deployed in any Kubernetes cluster as part of Panoptica's Kubernetes Controller onboarding. Together with trace sources, it can secure APIs across the entire cluster, including externally exposed APIs, and the third-party APIs your applications consume. Once the controller is deployed, Panoptica will automatically build a catalog of your APIs, analyze risks associated with them, and assign risk scores.

For more information – including prerequisites and feature details – please visit Kubernetes Controller Onboarding

Deploy controller

There are three ways to deploy the API Controller, by integrate Panoptica's Kubernetes controller into your environment:

• Deploy using the Panoptica Console UI
• Deploy using command line interface (CLI)
• Deploy using our REST API

Once deployed, the controller will appear in the API Security tab in the Settings pane

Attach Trace Sources

To complete the onboarding and gain visibility into API traffic across your workloads—as well as to/from external sources—you also need to configure API Trace Sources. This is done by deploying a plugin to an API gateway, which communicates with the Panoptica controller deployed on the cluster. Navigate to the API Trace Sources tab in Panoptica's console to attach these trace sources.

For detailed instructions regarding the gateway plugins Panoptica supports, please visit API Trace Source Installation.

To ensure that your Trace Sources can communicate with your API Controller, you may need to Expose the API Controller for Trace Sources.

Once the Controller is deployed and the Trace Sources are configured, Panoptica will start displaying information about your APIs on the API Security tab in Panoptica's main navigation menu. See API Security to learn more.