PingIntelligence automated deployment for virtual machines and servers
PingIntelligence software combines real-time application programming interface (API) security and artificial intelligence (AI) analytics to detect, report, and block cyberattacks on data and applications exposed through APIs.
The software consists of three platforms: API Security Enforcer (ASE), API Behavioral Security (ABS) AI Engine, and PingIntelligence Dashboard.
This section describes the installation and execution of an Ansible package that automatically builds a PingIntelligence for APIs environment. The package installs and configures the following components:
-
ASE (inline or sideband configuration)
-
ABS AI Engine
-
MongoDB database
-
PingIntelligence for APIs Dashboard
The supported operating systems are RHEL 7.9 and 8 or Ubuntu 18.04 LTS.
The following diagram shows an example of a sideband deployment.
- API Security Enforcer (ASE)
-
Applies real-time API metadata ingestion and enforces optional blocking. ASE can be deployed in inline or sideband mode and works with the ABS engine to identify attacks. For more information, see Inline ASE and Sideband ASE.
- API Behavioral Security AI engine
-
Executes AI algorithms to detect in near real-time cyberattacks targeting data, applications, and systems with APIs. Attack information can be automatically pushed to all ASEs to block ongoing breaches and prevent reconnection.
- PingIntelligence for APIs Dashboard
-
Provides:
-
Graphical view of an API environment, including user activity, attack information, and deny-listed clients, using Elasticsearch and Kibana
-
Visibility into API activity
-
API training status and other information
-
API Discovery management using automatic or manual mode
-
Attack insight to understand why a client was flagged for an attack
-
Attack management through unblocking clients or tune AI Engine thresholds
-
ABS license information
-