Page created: 19 Dec 2020
|
Page updated: 12 May 2021
New in ABS AI Engine
API AI Engine has the following enhancements:
- Query string parameter manipulation attack detection- The ABS AI Engine detects attacks by hackers manipulating query strings to execute malicious scripts, pass attack variables, access unauthorized content, and other attacks. PingIntelligence detects and optionally blocks such manipulations and malicious activity. For more information, see REST API attacks.
- MongoDB SSL verification- New ABS AI Engine configuration option to verify the SSL certificate when connecting to a MongoDB server. For more information, see Verify MongoDB SSL certificates.
- Enhanced MongoDB purge script- The improved MongoDB purge script can read credentials and database configurations from an obfuscated ABS configuration file. The script can be executed from an ABS host instead of the MongoDB host. For more information, see Purge MongoDB data.
New in ASE
API Security Enforcer (ASE) has the following enhancements:
- Capture of username from custom headers for user-based reporting and attack detection- ASE now supports extraction of usernames from API custom request headers. This new functionality is supported for both inline and sideband deployments. For more information, see Extract username from custom header in sideband mode and Extract username from custom header in inline mode.
- Cluster communication over SSL- ASE supports TLS 1.2 to secure communications between nodes in a cluster. For more information, see ASE Cluster SSL.
New in PingIntelligence Dashboard
PingIntelligence Dashboard has the following enhancements:
- Detailed training status- A new training status page for each API shows the attack types that can be detected based on the activity received on the API to date. For more information, see Training Status.
- Enable and disable attacks- A new attack management page supports globally enabling or disabling attack types. For more information, see Enable or disable attacks.
New in Automated deployment
- The automated deployment tool has new ABS variable settings to support MongoDB SSL certificate verification. For more information, see Change ABS default settings.
- A new ilm.json file supports configuring settings of the Index Lifecycle Management (ILM) policy for PingIntelligence Dashboard. For more information, see Change settings in ilm.json.
Resolved issues
Following major issues have been resolved in PingIntelligence 4.4 release:
| Ticket ID | Description |
|---|---|
| ASE - PI4API-2308 | Resolved an issue where clustered ASE nodes hung in starting state when started while APIs were being added to the Primary ASE node. |
| ABS - PI4API-837 | Tuned the ABS AI engine to only detect user-based attacks for authorized requests. This will prevent blocking of a valid user if an attacker tries to impersonate the user. |