Release Notes
New features and improvements in PingIntelligence for APIs. Updated September 28, 2023.
PingIntelligence 5.2 (September 2023)
PingIntelligence for APIs 5.2 provides the following enhancements:
New in Dashboard
Improved
The PingIntelligence for APIs Dashboard is enhanced to provide an improved user experience with the following functionalities:
- Enhanced Main Dashboard
-
The main dashboard adds tiles with quick links for Discovered APIs, API Count, and Indicators of Attack. See PingIntelligence Dashboard.
- Enhanced SIEM integration
-
The security information and event management (SIEM) integration provides a webhooks connection to a Splunk SIEM. The SIEM integration also enables a customer to combine anomalous API activity data with events from other security tools.
New in AI Engine
Improved
Support for detection of user-based broken object-level authorization (BOLA), broken function-level authorization (BFLA), user-based data injection, and anomalous token claim detection. PingIntelligence detects and optionally blocks these manipulations and malicious activity. For more information, see Indicators of attack.
PingIntelligence 5.1 (December 2021)
PingIntelligence for APIs 5.1 provides the following enhancements:
New in Dashboard
Improved
The PingIntelligence for APIs Dashboard is enhanced to provide an improved user experience for the following functionalities:
-
New PingOne Dashboard provides a streamlined user interface with support for drill down into API details, blocklisted clients, and clients flagged for Indicators of Attack (IoAs). The rearchitected Dashboard significantly accelerates the processing of API metadata to speed updates to administrators on API activity and abnormal events. See Dashboard.
-
An updated Attack management GUI delivers more detailed information to assist security administrators in analyzing Indicators of Attack (IoAs). The enhanced reporting includes additional insight into why a client’s behavior was flagged, suggested remediation steps, and transaction-level details from API requests and responses associated with the anomalous behavior. See Attack management.
-
Enhanced SIEM integration pushes the same detailed IoA information (e.g. why flagged, remediation steps, transaction data) available via the Attack Management GUI to a SIEM. The SIEM integration enables a customer to combine anomalous API activity data with events from other security tools.
-
Automated Publishing of Discovered APIs supports distributed discovery of APIs across multiple datacenters from a centralized or cloud-based Dashboard.
New in AI Engine
Improved
Improved Anomalous API Header and Query String Detection
Updated AI algorithms detect anomalous values and content in API headers or query strings. Examples include hackers manipulating content, executing malicious scripts, passing attack variables, accessing unauthorized content, and other abnormal behavior. PingIntelligence detects and optionally blocks these manipulations and malicious activity. For more information, see IoAs (Indicators of Attack).
New in ASE
New
Real-Time Enforcement of Missing Token
For inline or sideband deployments, ASE can be configured to detect and automatically block clients not presenting a token to APIs requiring access tokens.
New Kubernetes Deployment
New
Support for production PingIntelligence deployments in AWS EKS using a Ping-supplied Helm-Chart. See PingIntelligence Kubernetes deployment.
PingIntelligence 5.0.1 (August 2021)
PingIntelligence for APIs 5.0.1 provides the following updates:
New PingIntelligence Docker Toolkit Environment Variables
New
The PingIntelligence Docker toolkit adds environment variables to support integration of ASE with the PingOne API Intelligence platform. For more information, see PingIntelligence Docker toolkit. The new environment variables support:
-
Configuring gateway credentials to use for connecting ASE with the PingOne API Intelligence platform
-
Setting the ABS AI engine deployment type to cloud or on-premise
PingIntelligence 5.0 (June 2021)
PingIntelligence 5.0 provides the following enhancements:
All PingIntelligence components now support a single unified license
New
PingIntelligence now supports up to 10 subpath levels for API base paths when API Security Enforcer (ASE) is deployed in sideband mode. Subpath depth is the number of sub-paths for a unique API definition. For more information, see Discovery sub-paths.
Dashboard Enhancements
New
The PingIntelligence Dashboard is enhanced to provide improved user experience for the following functionalities:
-
The updated Attack management page gives a comprehensive view of Indicators of Attacks (IoAs) on a per client basis. A separate Enable / Disable Attacks page helps the administrators in efficient attack management. For more information, see Indicators of Attacks on REST APIs.
-
The Training Status page now allows you to view the training status for an API by selecting the API from a drop-down list. The page also has a new capability to download per API and across API attack thresholds in a JSON formatted text file. For more information, see Training period status.
ASE Updates
New
ASE has the following new additions:
-
External Load Balancer support for ASE to ABS AI Engine traffic -ASE can be optionally configured to utilize external load balancers to distribute traffic across ABS AI Engine nodes. This provides the flexibility to support auto-scale of ABS AI Engine nodes and more high availability configurations.
-
REST API for sideband token management -The
Token API
helps to create, import, and delete ASE sideband tokens. You can also retrieve the list of tokens issued by ASE. -
REST API for sideband authentication - The
Authentication API
helps to enable and disable ASE sideband authentication. You can also retrieve the authentication status. For more information, see REST APIs for sideband token and authentication.
New in sideband integration policies
Improved
-
NGINX plus policy -The updated PingIntelligence sideband policy can seamlessly integrate with NGINX Plus R22 or R23 systems. This enhanced policy supports NGINX nodes with PingAccess agents installed and can capture user information from the PingAccess token introspection. For more information, see Installing NGINX Plus for RHEL 7.6.
-
Apigee policy -The updated PingIntelligence sideband policy adds optional asynchronous communication between Apigee and ASE for improved performance when deployed in environments that do not require automated client blocking. For more information, see Apigee integration.
-
Kong policy - The PingIntelligence sideband policy is enhanced to support extraction of user information from JWTs when OpenID Connect (OIDC) plugin is installed in a Kong gateway. For more information, see Kong API gateway integration.