API Security Practice Tutorial

Last updated: 2024-09-05 11:40:21

    Overview

    Users can enable the API security analysis feature on the Access Management page and then observe and analyze API assets and risks using the API traffic analysis, API asset management, API security, event management, and access log features. This allows targeted policy settings that protect website API assets and businesses from network attacks and infringements, preventing sensitive data leaks.
    
    The workflow of this API security practice tutorial is as follows:
    

    Prerequisites

    To enable API Security, you need to purchase the corresponding WAF instance version.
    On the Access Management page, select the domain name to be protected and enable the API Security switch.
    

    API Traffic Analysis

    1. Log in to the WAF Console, and choose Safe and visible > API Analytics in the left sidebar.
    2. On the API traffic analysis page, select the corresponding domain name in the top left corner. The right side shows whether API Security is enabled for the current domain name.
    
    Display Instructions (field name: description):
    API asset overview: Statistics on the total number of API assets under the current domain name and the number of assets in each status.
    API security risks overview: Statistics on the number of risky APIs, sensitive APIs, and API events under the current domain name.
    Asset activity status related: Statistics on the ranking, quantity, and trends of active APIs and inactive APIs under the current domain name.
    Sensitive data API related: Statistics on the classification, ranking, and proportion distribution of sensitive APIs under the current domain name.
    API event related: Statistics on the risk proportion of detected API events, ranking of related event numbers, event type proportions, number of events, and trends under the current domain name.
    3. By clicking the text in a chart, you can navigate to the API asset list or API asset details page.
    

    API Asset Management

    Users can manage and mark relevant API assets by changing the API asset status, making it convenient for subsequent statistics, analysis, and handling of API assets.
    1. Log in to the WAF Console, and choose Asset Center > API Asset Management in the left sidebar.
    2. On the API Asset Management page, select the domain name to be protected in the top left corner. The right side shows whether API Security is enabled for the current domain name.
    
    3. On the API Asset Management page, select the API for which you want to change the status, and click Asset Status or Status changed for the API asset.
    
    4. In the Status changed window, modify the relevant parameters, and click Submit.
    
    Description of the Status changed page (field name: description):
    Username: Defaults to the current console account name; user customization is supported.
    Remarks: Status note description, up to 100 characters.
    Status: Covers five statuses: Detected, Confirming, Confirmed, Abolished, and Ignored.
    5. On the API Asset Management page, select the API asset whose details you want to view, and click View details in the Operation column.
    
    Description of the details page tabs (field name: description):
    API overview: Access trend, access source distribution, and request feature statistics of the current API.
    API attack overview: Attack trends and statistics of top abnormal requests for the current API.
    Parameter example: Request data and response data of the current API.
    Parameter list: Parameters in the request and response data of the current API.
    Associated event: Associated risk event list of the current API.
    Change history: Status change history and remarks of the current API asset.

    Event Management

    Users can manage and mark relevant API security events by changing the event status, making it convenient for subsequent statistics, analysis, and handling of events.
    1. Log in to the WAF console, and choose Event Management > API security events in the left sidebar.
    2. On the API security events page, select the domain names to be protected in the top left corner. The right side shows whether API Security is enabled for the current domain name.
    3. In the event overview page, you can view the total number of current events and number of events in each status.
    
    4. In the event list, select the event whose status you want to change, and click Status or Status changed for the event.
    
    5. In the Status changed window, modify the relevant parameters, and click Submit.
    
    Description of the Status changed page (field name: description):
    Username: Defaults to the current console account name; user customization is supported.
    Remarks: Status note description, up to 100 characters.
    Status: One of the following:
    Detected: Detected and unconfirmed API events.
    Handling: API event with risks being confirmed and related rules being configured. This status includes processing suggestions for the event type (CC/access control/BOT, etc.), and appropriate rules can be added with one click.
    Confirmed: API events with risks confirmed and handling rules added.
    Ignored: Confirmed as not requiring handling and ignored.
    Disabled: The access traffic and attack traffic situation has been observed, confirming that the event can be completely closed.
    6. On the Event Management page, select the target event, and click View details to enter the Details page.
    7. On the Event details page, information such as the basic information of the event, suggestions, added rules, and change history is displayed.
    
    Description of the Details page (field name: description):
    Basic information: Information on the current event, including event ID, event type, associated API, domain name, occurrence time, update time, and event details.
    Suggestions: Suggestions for handling the current event type (CC, access control, bot, etc.).
    Added rules: Existing access control rules.
    Attack source details: Details of the attack source and related operations for the current event.
    Change history: History of status changes for the current event.
    