PingIntelligence for APIs

Detect and block API cyberattacks using AI

watch the video try it now
what it does

ai-powered api security

PingIntelligence for APIs is an API security solution done right. It uses artificial intelligence (AI) to automatically discover APIs, and it can automatically detect and block threats. It also provides deep API traffic visibility and reporting to enhance your organization's security posture.

read the datasheet
what it does

making API security smarter

The adoption of APIs in the enterprise is showing no signs of slowing down. And each API represents a potential vulnerability to corporate data, applications and critical business systems. Finely tuned attacks on APIs are bypassing traditional security measures provided by CDNs, WAFs and API Gateways to breach APIs and get to the digital assets they connect.

A robust API security practice requires a strong set of security capabilities, as well as the ability to detect abnormal use of each API once a user passes the first lines of defense. This way, you can act immediately when anomalous behavior is detected, such as unusual sequences of API access. PingIntelligence for APIs is making API security smarter.

get the white paper
what it does

detect all forms of api attack

Today’s API security solutions aren’t enough to stop a new generation of attacks on APIs, specifically designed to exploit vulnerabilities unique to each API. PingIntelligence for APIs can detect, block and report on attacks that compromise your APIs, which include:


  • Authentication System Attacks: Bad actors use credential stuffing and other brute force attacks to breach API infrastructures using valid credentials. Hackers can use stolen credentials like tokens and cookies to penetrate and take over accounts.

  • Data and Application Attacks: Hackers can reverse-engineer an API with a valid account to extract, delete, modify or inject data into a service with the intent to steal information, disrupt a system or compromise data—or even take over an account.

  • Targeted API DoS/DDoS Attacks: Hackers tune attacks to stay below rate limits, which can disable services provided by the API or damage the user experience. They can also generate calls that require unusually high system resources, which can affect server response time.
see the infographic
how it does it

automated api protection with ai

  • Automated API Discovery

    PingIntelligence for APIs dynamically discovers APIs across your enterprise environment that are inadvertently exposed, unknown or forgotten. You can generate detailed reports on activity across these APIs and look for attacks on their data and applications.

  • Threat Detection & Blocking

    PingIntelligence for APIs detects attacks that use APIs to compromise data and applications. It automatically blocks attacks whether they target APIs running on API gateways, or APIs implemented directly on app servers.

  • API Deception & Honeypot

    You can use decoy APIs (honeypots) to instantly detect probing hackers. Because these honeypots should never be accessed by legitimate clients, PingIntelligence for APIs immediately quarantines the hacker and prevents access to production APIs without disrupting the flow of business.

  • Traffic Visibility & Reporting

    PingIntelligence for APIs monitors all API activity including every command and method used throughout a session. Reports can deliver exhaustive forensic data as well as information for compliance reporting. Dashboards allow you to leverage a graphical view of attacks, anomalies and metrics across the API environment.

  • Self-learning

    With PingIntelligence for APIs, you can use AI to discover expected behavior for each API without manual intervention. No rules need to be written or managed, ever. And attack signature updates are never required.

watch the video
how it does it


With both inline and sideband deployment options available, your IT team can deploy PingIntelligence for APIs however it fits best in your enterprise architecture. To provide AI-powered attack detection and monitoring without requiring network or infrastructure modifications, you can integrate with PingIntelligence for APIs in sideband deployment with PingAccess or your API gateway from Axway, Apigee, CA, AWS, Azure, IBM, Kong, MuleSoft, TIBCO, Tyk, Red Hat 3Scale, WS02 and more. Or use inline deployment to have PingIntelligence for APIs as a high-performance reverse proxy to protect APIs deployed on API gateways, PingAccess or APIs deployed directly on application servers.


the proof


The security community has recognized the need to better protect the critical services and data to which APIs provide access. PingIntelligence for APIs has been commended for its innovative approach to securing enterprise resources and associated API infrastructures by leveraging AI to detect and block cyberattacks on APIs, and provide deeper visibility into API traffic and deployments.


Recently, the solution was honored with the 2019 Devies Award for “Best Innovation in Security and Networking” and received the Gold for “Best API Management and Security Product” in the 2019 Info Security Product Guide Global Excellence Awards. PingIntelligence for APIs was also awarded with API World’s “2018 Best in API Security” award and by IT Daily’s “2018 IT Security Award” in the IAM category. This recognition underscores the growing importance of APIs and the need for more comprehensive protection for API infrastructures.


The PingIntelligence for APIs free trial is a SaaS-based service that lets you take this solution for a test drive on your own API gateways and application servers.