API Spec analysis

The SPECS tab in either the INTERNAL APIS or EXTERNAL APIS sections shows findings from the analysis of API specs that are uploaded to Panoptica, or reconstructed from actual API traffic.

Panoptica analyses the API specs for security issues. These are shown as findings in this tab, and in the Security Posture tab.

You can review and modify the uploaded or reconstructed spec, to add or correct fields or parameters.

Upload an API Spec file

  1. Select the API with which the spec will be associated from the INTERNAL APIS or EXTERNAL APIS list.
  2. Select the SPECS tab.
  3. Click Upload a spec and then select or drag the API spec file. Spec files must be in OAS (OpenAPI Specification) format.
  4. Click FINISH. The file will be uploaded as a spec.

Reconstruct an API spec from actual traffic

  1. In the APIs page, select the API (Internal or External) from the list.
  2. Select the SPECS tab.
  3. Click collect data. Select the period of time during which API traffic will be collected to reconstruct the spec, and select the cluster, then click OK.

The spec reconstruction process will begin, based on monitored actual API traffic. The reconstruction will continue for the selected period of time.


Review specs

Once an API spec has been uploaded or reconstructed, you can review it.

  1. Select the API, and then select the SPECS tab. The left pane shows the API structure, organized by OAS categories. The right pane shows detail for the element of the structure selected on the left.

Reset spec

You can remove the spec for an API, whether it was uploaded or reconstructed, and then upload or reconstruct it again.

  1. Select the API, then select the SPECS tab.
  2. Click Reset.

View Spec Analysis findings

Spec analysis findings are shown in the RISK FINDINGS tab, typically in the category api-specification. The source for these findings is 'oas-analyzer'. Findings are grouped by severity.


Difference analysis

You can check for differences between actual API traffic and an uploaded spec. This can highlight instances in which the spec is not implemented accurately in actual traffic (or, conversely, cases in which the spec requires revision).

  1. Select the API to be investigated.
  2. Select the SPECS tab.
  3. Click Start diffs detection.
  4. Select the period of time to collect actual traffic, to be compared with the spec, then click OK. Actual traffic will be collected for the selected period of time, then compared with the spec. Differences will be listed as findings in the RISK FINDINGS tab.
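As an added illustration of the kind of comparison described above (example code written for this page, not Panoptica's own implementation), the script below matches constructed traffic records against a constructed OAS path table and reports undocumented endpoints, methods and query parameters; the spec, the traffic records and the wording of the findings are all assumptions.

```python
import re
from typing import List, Optional, Tuple
# Constructed OAS 3 "paths" object (a hypothetical spec, not one from Panoptica).
SPEC = {
    "paths": {
        "/users/{id}": {
            "get": {"parameters": [{"name": "id", "in": "path"},
                                   {"name": "fields", "in": "query"}]},
            "delete": {"parameters": [{"name": "id", "in": "path"}]},
        },
        "/login": {"post": {}},
    }
}

# Constructed traffic records (method, path, query string), as seen on the wire.
TRAFFIC = [
    ("GET", "/users/42", "fields=name"),
    ("GET", "/users/42", "fields=name&debug=1"),  # query parameter not in the spec
    ("PUT", "/users/42", ""),                     # method not in the spec
    ("GET", "/admin/export", ""),                 # endpoint not in the spec
    ("POST", "/login", ""),
]

def path_to_regex(template: str) -> re.Pattern:
    """Turn an OAS path template such as /users/{id} into an anchored regex."""
    return re.compile("^" + re.sub(r"\{[^/]+\}", r"[^/]+", template) + "$")

def match_operation(spec: dict, method: str, path: str) -> Tuple[Optional[str], Optional[dict]]:
    """Return (template, operation): operation is None for an undocumented method, template None for an undocumented path."""
    for template, ops in spec["paths"].items():
        if path_to_regex(template).match(path):
            return template, ops.get(method.lower())
    return None, None

def diff_traffic(spec: dict, traffic) -> List[str]:
    """Compare observed traffic with the spec; every returned string is one finding."""
    findings = []
    for method, path, query in traffic:
        template, op = match_operation(spec, method, path)
        if template is None:
            findings.append(f"undocumented endpoint: {method} {path}")
        elif op is None:
            findings.append(f"undocumented method: {method} {template}")
        else:
            documented = {p["name"] for p in op.get("parameters", []) if p.get("in") == "query"}
            for name in (q.split("=", 1)[0] for q in query.split("&") if q):
                if name not in documented:
                    findings.append(f"undocumented query parameter '{name}' on {method} {template}")
    return findings
```

Running `diff_traffic(SPEC, TRAFFIC)` yields one finding each for the extra query parameter, the extra method and the extra endpoint, while the two requests that match the spec produce none.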