PingIntelligence for APIs

download pdf

Digital transformation initiatives founded on APIs are making business logic and data readily accessible to internal and external users. However, APIs also present a new opportunity for hackers to reach into data and systems, and predefined rules, policies and attack signatures can’t keep up with this evolving threat landscape. PingIntelligence for APIs uses artificial intelligence (AI) to expose active APIs, identify and automatically block cyberattacks on APIs, and provide detailed reporting on all API activity. Leveraging AI models specifically tailored for API security, PingIntelligence for APIs brings cyberattack protection and deep API traffic insight to existing API Gateways and application server-based API environments.


PingIntelligence for APIs detects anomalous behavior on APIs, as well as the data and applications exposed via APIs, and can automatically block attacks across your API environment. For example, attempts to bypass login systems using botnet credential stuffing attacks or stolen tokens are recognized as cyberattacks. Attempts to exfiltrate, change or delete data which fall outside the range of normal behavior for an API can also be blocked and reported on in near real time. 




PingIntelligence for APIs delivers deep insight into API activity
and blocks cyberattacks for API infrastructures



  • Automated API discovery
  • API threat detection & automated blocking
  • API deception & honeypot
  • Deep API traffic visibility & reporting
  • Multiple deployment options
  • Support for hybrid IT environments
  • Self-learning




  • Discover unknown and inactive APIs
  • Stop API attacks across your enterprise
  • Safeguard data against theft and deletion
  • Protect APIs from disruption or shutdown
  • Instantly recognize and block hackers
  • Deliver detailed forensic and compliance reports
  • Eliminates need to write policies and rules

PingIntelligence solutions

CyberSecurity for Internal and External APIs

PingIntelligence for APIs applies AI models and big data analytics to continuously inspect and report on all API activity, and automatically discovers anomalous traffic behavior across an enterprise’s API environment. Bad actors are well versed in circumventing static security policies, so PingIntelligence was purpose-built to recognize and respond to rapidly changing, dynamic attacks unique to APIs without writing policies, rules, or code.

AUTOMATED API DISCOVERY: Dynamically discover APIs across your environment which are inadvertently exposed, unknown, or forgotten. Generate detailed reports on activity across these APIs and look for attacks on their data and applications.


API DECEPTION: Use decoy APIs (honeypots) to instantly reveal hacker’s activity. Since decoy APIs should never be accessed by legitimate clients, API deception will immediately recognize the attack and prevent access to production APIs.

Sample of Attacks Detected: Existing solutions weren’t built to protect against attacks designed to take advantage of vulnerabilities unique to APIs and the data and systems to which they provide access. PingIntelligence fills the gaps by detecting, blocking and reporting on attacks which represent anomalous behavior on each API, including:

  • Login system attacks

  • Stolen credential attacks

  • Account takeover attacks

  • Data extraction or theft

  • Data scraping

  • Data deletion or manipulation

  • Data injected into an application service

  • Malicious code injection

  • Extreme application activity

  • Probing and fuzzing attacks

  • Multi-Step API Attacks

  • Targeted API DDoS attacks


To learn more about attacks unique to APIs, read about common gaps in API security.


Built-in dashboards and reporting allow you to monitor API activity

monitor & report

API traffic & attacks

With PingIntelligence, you can monitor all API activity including every command and method used throughout a session. Dashboards allow you to leverage a graphical view of attacks, anomalies and metrics across the API environment to help operations track discovered APIs as well as ongoing attack activity and anomalous events. Dashboards can be deployed standalone or integrated into an in-house operations console via PingIntelligence REST APIs. Security analysts can also generate forensic reports to investigate historical activity, such as all APIs and paths accessed by a hacker leading up to an attack. For regulated industries, detailed reporting of all API activity associated with database and file system access, line of business applications, or control systems is available for compliance purposes.


PingIntelligence for APIs was designed for flexible deployment to work in conjunction with the Ping Identity platform and integrate with your API gateway. Additional architectural flexibility is available with both inline and sideband deployment options, allowing IT to choose the model appropriate for their environment. The inline model offers a high-performance reverse proxy that can protect any number of applications. Alternatively, sideband deployment with an API Gateway or PingAccess provides the same AI-powered attack detection and comprehensive insight as the inline option without requiring network or infrastructure modifications.



Inline Deployment of PingIntelligence for APIs with an API Gateway





Sideband Deployment of PingIntelligence for APIs with an API Gateway





Sideband Deployment of PingIntelligence for APIs with PingAccess



protect internal and external apis

The PingIntelligence solution protects you from cyberattacks and provides deep insight into API activity on API gateways from Axway, Apigee, CA, IBM, Kong, Mulesoft, Tibco, Tyk, Red Hat 3Scale, WS02, and more, as well as APIs implemented directly on app servers such as Node.JS, WebLogic, Tomcat and WebSphere—whether on-premises, in the cloud, or both. With deployment options including virtual machines, Docker containers, and bare metal environments, PingIntelligence supports automated installation and management scripts across common datacenter and cloud environments such as AWS.

try it today

The PingIntelligence for APIs trial is a SaaS based service which includes:

  • Self-learned API Threat Detection and Blocking

  • Configurable API Deception

  • Pre-defined integration with industry proven API Gateways

  • Deep API Traffic Visibility Support for Hybrid IT Environments
  • Cloud Based Intelligence Engine
  • Direct Inline Traffic Inspection


Apply for the PingIntelligence for APIs Trial

Related Resources