What is Apigee Sense?
Apigee Sense analyzes data about your API traffic to identify suspected bot attacks. Using Apigee Sense, you can programmatically set up actions to be taken for each bot IP address, such as to blacklist the address.
Apigee Sense collects and uses a more detailed feature set than network-centric approaches. As a result, analysis is better for identifying patterns that represent suspected bot attacks.
Unlike Web apps, APIs are programmable, making it easier for attackers to target APIs using bots. If left unaddressed, bot traffic can:
- Skew analytics and KPIs.
- Probe for weakness in APIs to exploit and create data breaches.
- Use customer API keys to access private APIs.
- Abuse guest accounts (brute force attacks).
- Create performance headaches on Web Operations.
- Abuse loyalty programs and create fraud situations for retailers and payment providers.
- Contribute to DoS attacks.
- Scrape price data (for competitors) via APIs or Web sites to derive competitive intelligence.
How Sense works
Apigee Sense continuously monitors your web and API traffic. Apigee Sense identifies bots by using API access behavior patterns, rather than IP addresses. As a result, bots can be tracked even when they change location.
Apigee Sense uses adaptive algorithms on data aggregated across multiple customers. As a result, it is able to distinguish legitimate human traffic more effectively than would be possible from a single source of data. Adaptive algorithms automate the identification and tracking process. As a result, you need only to decide how to deal with traffic from a bot IP address.
You can have Apigee Sense alert web operations and security teams in response to significant bot attacks. In addition, Apigee Sense provides an analytics dashboard displaying analysis results for insight into bot traffic trends and metrics.
Apigee Sense is made up of four components:
- A collection engine collects a large number of relevant signals as traffic passes through Apigee Edge. Apigee Sense collects typical metadata about the source and target for the API call, as well as and metadata relating to both request content and response status. It also collects timing and latency information.
- The analysis engine assembles all the collected data into a summary data structure. Apigee Sense does a deeper analysis on this structure, examining how each request source behaves. Apigee Sense then makes judgements on whether the source has a typical “bot like” signature.
- Through the curation engine, Apigee Sense presents analysis results to users. With these results, you can specify the action to take for each identified “bot signature.”
- Finally, the action engine identifies requests as originating from robots in real time and takes the appropriate action required on such traffic.
Help or comments?
- If something's not working: Ask the Apigee Community or see Apigee Support.
- If something's wrong with the docs: Send Docs Feedback
(Incorrect? Unclear? Broken link? Typo?)