PingIntelligence

PingIntelligence automated deployment for virtual machines and servers

PingIntelligence software combines real-time application programming interface (API) security and artificial intelligence (AI) analytics to detect, report, and block cyberattacks on data and applications exposed through APIs.

The software consists of three platforms: API Security Enforcer (ASE), API Behavioral Security (ABS) AI Engine, and PingIntelligence Dashboard.

This section describes the installation and execution of an Ansible package that automatically builds a PingIntelligence for APIs environment. The package installs and configures the following components:

  • ASE (inline or sideband configuration)

  • ABS AI Engine

  • MongoDB database

  • PingIntelligence for APIs Dashboard

The supported operating systems are RHEL 7.9 and 8 or Ubuntu 18.04 LTS.

The following diagram shows an example of a sideband deployment.

A diagram of a sideband deployment.
API Security Enforcer (ASE)

Applies real-time API metadata ingestion and enforces optional blocking. ASE can be deployed in inline or sideband mode and works with the ABS engine to identify attacks. For more information, see Inline ASE and Sideband ASE.

API Behavioral Security AI engine

Executes AI algorithms to detect in near real-time cyberattacks targeting data, applications, and systems with APIs. Attack information can be automatically pushed to all ASEs to block ongoing breaches and prevent reconnection.

PingIntelligence for APIs Dashboard

Provides:

  • Graphical view of an API environment, including user activity, attack information, and deny-listed clients, using Elasticsearch and Kibana

  • Visibility into API activity

  • API training status and other information

  • API Discovery management using automatic or manual mode

  • Attack insight to understand why a client was flagged for an attack

  • Attack management through unblocking clients or tune AI Engine thresholds

  • ABS license information

Administrators

You can install all of the PingIntelligence products either as a user with sudo access or a normal user without sudo access.

Make sure that the entire deployment is a homogenous deployment. Install all of the products as either a sudo user or as a normal user, not a mix of both.

Time zone

All PingIntelligence components (ASE, ABS AI Engine, and Dashboard) should be installed using the same time zone, either local or UTC. MongoDB should also be configured to the same time zone as PingIntelligence components.