Javascript is actually
a good thing!
Make sure it's turned on
so that pingidentity.com can work properly.
PingOne API Intelligence

- DATASHEET -

PingOne API Intelligence

 

 download pdf


What is PingOne API Intelligence?

 

PingOne API Intelligence is a cloud-based service that uses artificial intelligence (AI) to gain in-depth visibility into your API traffic. This is in order to centralize traffic monitoring, thereby enabling the quick identification and blocking of anomalous traffic, while providing detailed reports on all activity. Leveraging AI models specifically tailored for API security, PingOne API Intelligence identifies attacks that go undetected by traditional security solutions. This includes web application firewalls, such as zero-day attacks. PingOne API Intelligence learns traffic behaviors to determine “good” and “bad” traffic, and can easily be deployed into your existing security infrastructure.


 
PingOne API Intelligence delivers deep insight into API activity to help protect API infrastructures



PingOne API Intelligence delivers deep insight into API activity to help protect API infrastructures

Features

 

  • Rich API traffic visibility & reporting
  • Automated API discovery
  • Artificial intelligence for each API
  • API bad traffic analytics and threat detection
  • Automated attack blocking—including across clouds
  • API deception & honeypot for instant hacking detection
  • Multiple deployment options in public and private clouds
  • Support for hybrid IT environments
  • Integration with popular gateways for “drop-in” deployments
  • Automatic adaptation to changing environments
  • Continuous self-learning; no rules to write and maintain

 

Benefits

 

  • Helps sort out good and bad API traffic
  • Automatically discovers new APIs on your infrastructure
  • Delivers unique insight into API activity with dashboards and in-depth reports
  • Provides unified view of API activity across API gateways and clouds
  • Protects API infrastructures from disruption, data theft and shutdown
  • Increases protection against threats in the OWASP API Security Top 10 and beyond
  • Enables self-learning to save security analysts from having to write or maintain rules
  • Simplifies investigations and compliance tracking with the right information
Built-in dashboards and reporting centralize the monitoring of API activity

 

Built-in dashboards and reporting centralize the monitoring of API activity

In-Depth Visibility Into API Traffic

 

The way PingOne API intelligence works is traffic data gets fed into dashboards, providing you with a unified view of newly discovered APIs, detailed API activity, most active client activity, bad traffic and attacks across your infrastructure. It also gives you a view on attack management. Dashboards can be deployed standalone or integrated into an in-house operations console via PingOne API Intelligence REST APIs.

 

In the rare event of an attack or attempted attack, security analysts can generate forensic reports to investigate historical activity, such as all APIs and paths accessed by a hacker leading up to an attack. For regulated industries, detailed reporting of all API activity associated with database and file system access, line of business applications or control systems is available for compliance purposes.

 

 

 

Protect Internal and External APIs

PingOne API Intelligence applies AI models and big data analytics to continuously inspect and report on all API activity, for both internal and external APIs. By applying a combination of AI and user behavioral analytics, PingOne API Intelligence can automatically discover anomalous traffic behavior across an enterprise’s entire API environment. PingOne API Intelligence was purpose-built in order to recognize and respond to rapidly changing, dynamic attacks (attacks that are typically unique to APIs) without writing policies, rules or code:
magnifying glass

Automated API Discovery: Dynamically discover APIs across your environment that are inadvertently exposed, unknown or forgotten. Generate detailed reports on activity across these APIs and look for attacks on corresponding data and applications.

 
security

API Deception: Use decoy APIs (also known as “honeypots”) to instantly reveal hacker activity. Since decoy APIs should never be accessed by legitimate clients, API deception will immediately recognize the attack and prevent access to production API thereafter.

 
org chart

Sort Out Good and Bad Traffic: Easily distinguish between good and bad traffic. API infrastructures can be subjected to all sorts of bad traffic, including:
 

  • API used by a partner in a non-intended way
  • A system “misfiring” and sending vast amounts of traffic to a gateway cluster
  • A hacker using a valid user account to reverse engineer an API and gain access to other accounts (while appearing as a normal user)
caution

Sample of Attacks Detected: Existing solutions—such as API gateways and web application firewalls—weren’t built to protect against those attacks which are specifically designed to take advantage of OWASP API Top 10 and other similar vulnerabilities. These types of attacks are unique to APIs and the data and systems to which they provide access. PingOne API Intelligence works with these solutions by detecting, blocking and reporting on attacks that represent anomalous behavior on each API, including:
 

  • Anomalous API access patterns
  • Credential stuffing and password spraying
  • Account takeover with stolen token, cookie or API key
  • API takeover attacks
  • Data extraction or theft
  • Abnormal data access - e.g. broken object level authorization
  • Data deletion or manipulation
  • Data injected into an application service
  • Abnormal API Sequence
  • Query string manipulation
  • Probing and fuzzing attacks
  • Targeted API DDoS attacks
  • Extreme client activity
  • Header manipulation attacks
  • Fraudulent user access behavior

API Gateway Integrations

 

PingOne API Intelligence provides two options to work with your existing API infrastructure with both inline and sideband options, allowing IT to choose the model most appropriate for their environment:

 

 

Inline Model: Offers a high-performance reverse proxy that can protect any number of API gateways and cloud APIs implemented directly on application servers
Inline Deployment of PingOne API Intelligence with an API Gateway or Application Server

Sideband Deployment Model: Provides the same AI-powered attack detection and comprehensive insight as the inline option, without requiring network or infrastructure modifications. In this deployment mode, Ping is simply “dropped-in” on the side of an API gateway or PingAccess— outside of the data path—to monitor the traffic, identify abnormal behaviors and threats and communicate when blocking is required.
Sideband Deployment of PingOne API Intelligence

Supported Integrations

 

  • Amazon AWS API Gateway
  • Axway API Gateway
  • Azure API Management
  • Google Apigee API Gateway
  • IBM Datapower and APIConnect
  • MuleSoft API Gateway
  • NGINX, NGINX Plus and F5 Big-IP
  • PingAccess
  • TIBCO Mashery API Gateway
  • WSO2 API Gateway

Deploy Intelligent API Security Anywhere
cloud

In addition to these capabilities and integrations, enterprises can select where they want to deploy intelligent API security by choosing a hybrid or on-premise software deployment. By selecting the PingOne API Intelligence model that leverages Ping’s cloud for configuration as well as AI processing and reporting, enterprises can take advantage of the flexibility of the cloud while connecting to on-premise APIs. Additionally, enterprises can deploy PingIntelligence for APIs for use on-premise or private cloud API security

Try It Today!

Ready to experience PingOne API Intelligence for yourself? Sign-up for a free trial today.