API security helps manage and protect APIs for your websites by leveraging sampled user access logs and built-in machine learning models. The system automatically scans associated APIs to detect potential threats and provides a management portal for monitoring and analysis.
To enable the API security feature, contact your account manager.
Key features
Feature | Overview |
With machine learning and session identifiers, ESA automatically discovers the APIs for your website. You can evaluate and manage discovered APIs in API Security. | |
ESA monitors your managed APIs to help you understand their performance and security status. The feature also offers rate limiting suggestions to protect your APIs from excessive traffic, enhancing overall security. | |
After you upload an API schema (such as an OpenAPI specification), the system automatically maps it to your managed APIs. It then validates incoming requests against this schema and applies your configured security policy to any non-compliant traffic. | |
Create API token validation rules by configuring JSON Web Token (JWT) validation policies and applying them to your managed APIs. ESA then validates incoming requests against these tokens to secure your business APIs. | |
API security settings enable centralized management of Session Identifiers, Schema Validation Settings, and Token Configurations. |