Overview of Advanced API Security

This page applies to Apigee and Apigee hybrid.

View Apigee Edge documentation.

Advanced API Security continually monitors your APIs to protect them from security threats, including attacks from malicious clients and abuse. Advanced API Security analyzes your API traffic to identify suspicious API requests, and provides tools to block or flag those requests if you decide to do so. In addition, Advanced API Security evaluates your API configurations to ensure they meet security standards, and gives you recommendations for improving them if needed.

The diagram below illustrates how Advanced API Security works.

Overview of Advanced API Security.

Advanced API Security uses the following process to protect your APIs:

  1. API Security collects data for recent traffic passing through your APIs.
  2. API Security analyzes the data to detect unusual traffic patterns that indicate a threat to your APIs.
  3. API Security presents the results of the analysis in following pages in the Apigee UI:
  4. After reviewing the analysis, you can choose to block or flag requests from specific IP addresses using the security actions page. You can also create security alerts, which notify you of events related to API security.

Advanced API Security is a paid add-on to Apigee and hybrid. You can try it for free in any trial organization. Contact Apigee Sales to learn more.

To use Advanced API Security, you must first enable it, as described in the following sections:

Advanced API Security features

The following sections briefly describe the features of Advanced API Security.

Abuse detection

Abuse detection shows you security incidents involving your APIs. A security incident is a group of detected security events that are related to each other. Advanced API Security uses detection rules, based on Google's machine-learning algorithms, to identify patterns that are signs of malicious activity, including API scraping and anomalies. You can then take measures to counter those threats using security actions.

Security reports

Security reports give you more in-depth analysis of security threats to your APIs. For example, you can create reports for the number of malicious requests by various dimensions, such as the country of origin of the request. You can view these reports in the Apigee UI or via the API.

Risk assessment

Risk assessment helps you identify APIs that don't conform to security standards. Risk assessment regularly evaluates your API configurations and calculates scores to rate their security level. When a low score indicates a configuration issue, Advanced API Security provides recommendations to resolve the problem.

Security actions

Security actions let you define how Apigee handles detected traffic, based on information from the Abuse detection page. For example, you can create a security action to deny requests from an IP address that has been identified as a source of abuse.

Security alerts

You can configure security alerts to send you notifications when Advanced API Security detects events related to API security, such as changes to your security scores or security incidents.

Note: Advanced API Security does not affect runtime traffic.