Introduction to API security reporting

As more and more business-critical applications are exposed via APIs, operations teams need visibility into security attributes of APIs to:

  • Ensure adherence to security policies and configuration requirements.
  • Protect sensitive data from internal and external abuse.
  • Proactively identify, diagnose, and resolve security incidents.

About API security reporting

API security reporting provides in-depth insights for operations teams to ensure adherence to policies and configuration requirements, protect APIs from internal and external abuse, and quickly identify and resolve security incidents.

With API security reporting, you can quickly understand how your API proxies are configured for security, as well as the runtime conditions that might impact proxy security. Using this information, you can adjust the configuration to ensure you have the appropriate level of security for each proxy.

API security reporting also helps you protect sensitive data by providing insights into user access and behavior, letting you monitor who in your organization is accessing and exporting sensitive information, and identifying suspicious behavior.

About API security reports provided in the Edge UI

Security reports are graphical representations of runtime and configuration data about your API proxies and shared flows. For an introductory walkthrough, see Explore API security reports.

Use the following API security reports in the Apigee Edge UI to view security data:

Security report | Description

Overview

A snapshot of the most prominent aspects of proxy security, including:

  • Total traffic from clients to proxies, by environment.
  • Traffic over time by region.
  • Potentially sensitive operations performed by users (Organization Administrators only).

Runtime

A drilldown on runtime traffic conditions, including:

  • Amount of traffic for each of your proxies, targets, and apps.
  • Amount of traffic arriving over non-HTTPS, rather than HTTPS.
  • Amount of traffic going to virtual hosts.
  • Amount of traffic going to proxy targets.

Configuration

A drilldown on how your proxies and shared flows are configured for security, including:

  • The security-related policies, such as OAuthV2, SpikeArrest, and FlowCallout, configured in your proxies.
  • The shared flows used by your proxies.
  • How virtual hosts are configured.

User Activity

A table of the potentially sensitive operations performed by organization users.

Only Organization Administrators can access this UI page. No other roles, including Read-Only Organization Administrator, can access this page.

For each user you can view:

  • The number of logins.
  • The number and percentage of potentially sensitive operations performed in the UI and API.
  • The change in user activity over a time period.

About security reports APIs

Use the Edge UI to view the security reporting dashboards as described in Explore API security reports. However, you can also use the security reports APIs to access the same information used to populate the UI.

For a complete list of the security reports APIs, see: API Security Reports.