Managing the allow lists and deny lists - PingIntelligence for APIs

Managing the allow lists and deny lists - PingIntelligence for APIs - 5.2

PingIntelligence

bundle

pingintelligence-52

ft:publication_title

PingIntelligence

Product_Version_ce

PingIntelligence for APIs 5.2 (Latest)

category

APISecurity

AdvancedAPICybersecurity

Capability

Environment

Product

apisecurity

capability

linux

pi-52

pingintelligence

private

ContentType_ce

The API Security Enforcer (ASE) maintains both allow lists and deny lists.

Allow list

List of safe IP addresses, cookies, OAuth2 Tokens, API keys, or usernames that are not blocked by ASE.

The list is manually generated by adding the client identifiers using command-line interface (CLI) commands.

Deny list

List of bad IP addresses, cookies, OAuth2 Tokens, API keys, or usernames that are always blocked by ASE.

The list consists of entries from one or more of the following sources:

API Behavioral Security (ABS)-detected attacks, such as data exfiltration. ABS-detected attacks have a time-to-live (TTL) in minutes. The TTL is configured in ABS.
ASE-detected attacks, such as invalid method or decoy API accessed.
List of bad clients manually generated by CLI.