Internal APIs

This tab shows the inventory of internal API traffic, between workloads in your environment, grouped by destination workload (service). For each service, details for the service are shown, including the cluster, namespace, and workloads.

Click on a row in the inventory list to show more detail.

The detail for the API has these tabs:

API Details

This tab shows more detail for the API. This includes:

• API Description - details for the destination service (workload)
• Client Workloads - the source workloads using the API
• Compliant to - select API Policies to determine if the API is compliant
• Top Risk Categories - the number of findings discovered in the API, according to the risk level of the finding
• Finding History - the distribution of number of findings over time, according to finding risk level

Specs

This tab has functions to perform an API Spec analysis, to compare the actual API traffic with a spec (OAS format), or to update the spec according to actual traffic.

See API Spec analysis

Risk Findings

This tab has functions to examine risks that were discovered in actual API traffic that was monitored. This includes the following:

• Security Posture - this is a list of findings, grouped by category
• BFLA (Broken Function Level Authorization) - this checks authorizations performed by the API against a model, to determine if inappropriate authorizations are being made, a potential risk
• Test - Fuzzing Testing (stress testing)
• Trace analysis - collect and analyze actual API traffic for security issues. Issues that are found are listed in the Security Posture list and in the SPECS tab.

See API Findings