As more and more business-critical applications are exposed via APIs, operations teams need visibility into security attributes of APIs to:
- Ensure adherence to security policies and configuration requirements.
- Protect sensitive data from internal and external abuse.
- Proactively identify, diagnose, and resolve security incidents.
About API security reporting
API security reporting provides in-depth insights for operations teams to ensure adherence to policies and configuration requirements, protect APIs from internal and external abuse, and quickly identify and resolve security incidents.
With API security reporting, you can quickly understand how your API proxies are configured for security, as well as the runtime conditions that might impact proxy security. Using this information, you can adjust the configuration to ensure you have the appropriate level of security for each proxy.
API security reporting also helps you protect sensitive data by providing insights into user access and behavior, letting you monitor who in your organization is accessing and exporting sensitive information, and identifying suspicious behavior.
About API security reports provided in the Edge UI
Security reports are graphical representations of runtime and configuration data about your API proxies and shared flows. For an introductory walkthrough, see Explore API security reports.
Use the following API security reports in the Apigee Edge UI to view security data:
A snapshot of the most prominent aspects of proxy security, including:
A drilldown on runtime traffic conditions, including:
A drilldown on how your proxies and shared flows are configured for security configuration, including:
A table of the potentially sensitive operations performed by organization users.
Only Organization Administrators can access this UI page. No other roles, including Read-Only Organization Administrator, can access this page.
For each user you can view:
About security reports APIs
Use the Edge UI to view the security reporting dashboards as described in Explore API security reports. However, you can also use the security reports APIs to access the same information used to populate the UI.
For a complete list of the security reports APIs, see: API Security Reports.