Page created: 23 Nov 2020
|
Page updated: 12 May 2021
PingIntelligence for APIs detects many different types of REST API attacks. Each attack type is associated with a unique attack ID. By default all the attacks are enabled for detection. You can enable or disable detection of a specific attack type, using the Enable/Disable Attacks feature in Attack Management.
Note: The PingIntelligence for APIs dashboard interacts with the
API Behavioral Security (ABS) AI Engine, when you enable or disable an attack. If you
disable an attack while the ABS AI engine is processing data, ABS may still report
attacks for a few minutes. The attack type would be disabled when the next batch of data
is processed. When you enable an attack from the disabled state, ABS takes a few minutes
to report the API attacks. For more information, see
Enable or disable attacks in ABS.
To access the feature click on the Attack Management tab on the left
pane and then click Enable/Disable Attacks. You need Admin user
privileges to Enable or Disable attack
types.
Use the toggle button to
enable or disable an attack type. The toggle button will not be present if an attack
cannot disabled. For example, the following attack IDs cannot be disabled as these are
real-time attacks reported by ASE:
- Attack ID 13: API DDoS Attack Type 2
- Attack ID 100: Decoy Attack. This attack ID must be disabled from ASE.
- Attack ID 101: Invalid API Activity. This attack ID must be disabled from ASE.
You will always be prompted with a confirmation notification before enabling or disabling an
attack. For example when you try to disable an attack, you will be prompted with the
following notification. Click Submit to confirm. You should see a
success notification whenever an attack type is enabled or disabled.
Search and sort attack types
You can sort the attack types based on attack ID or Is Enabled status as shown in the the
following screenshot.
The feature provides multiple search options. You can search based on attack name or attack ID
within enabled or disabled attacks.