PingIntelligence for APIs 5.1 provides the following enhancements:
New in Dashboard
- New PingOne Dashboard provides a streamlined user interface with support for drill down into API details, blocklisted clients, and clients flagged for Indicators of Attack (IoAs). The rearchitected Dashboard significantly accelerates the processing of API metadata to speed updates to administrators on API activity and abnormal events. See Dashboard.
- An updated Attack management GUI delivers more detailed information to assist security administrators in analyzing Indicators of Attack (IoAs). The enhanced reporting includes additional insight into why a client’s behavior was flagged, suggested remediation steps, and transaction-level details from API requests and responses associated with the anomalous behavior. See Attack management.
- Enhanced SIEM integration pushes the same detailed IoA information (e.g. why flagged, remediation steps, transaction data) available via the Attack Management GUI to a SIEM. The SIEM integration enables a customer to combine anomalous API activity data with events from other security tools.
- Automated Publishing of Discovered APIs supports distributed discovery of APIs across multiple datacenters from a centralized or cloud-based Dashboard.
New in AI Engine
Updated AI algorithms detect anomalous values and content in API headers or query strings. Examples include hackers manipulating content, executing malicious scripts, passing attack variables, accessing unauthorized content, and other abnormal behavior. PingIntelligence detects and optionally blocks these manipulations and malicious activity. For more information, see Types of Indicators of Attack.
New in ASE
For inline or sideband deployments, ASE can be configured to detect and automatically block clients not presenting a token to APIs requiring access tokens.