Key components

PingIntelligence for APIs software combines real-time security and AI analytics to detect, report, and block cyberattacks on data and applications exposed via APIs. The software consists of three components: API Security Enforcer (ASE), API Behavioral Security (ABS) AI engine, and PingIntelligence Dashboard.

ASE
Applies real-time API metadata ingestion and enforces optional blocking. ASE can be deployed in inline or sideband mode and works with the ABS engine to identify attacks. For more information, see Inline ASE and Sideband ASE.
ABS AI Engine
Executes AI algorithms to detect in near real-time cyberattacks targeting data, applications, and systems via APIs. Attack information can be automatically pushed to all ASEs to block ongoing breaches and prevent reconnection.
PingIntelligence for APIs Dashboard
Offers you the following:
  • Visibility into API activity
  • View the training status and other information of your APIs
  • Manage API discovery using automatic or manual mode
  • View attack insight to understand why a client was flagged for an attack
  • Manage attacks by unblocking clients or tune AI engine thresholds
  • View ABS license information

The Dashboard engine utilizes Elasticsearch and Kibana to provide a graphical view of an API environment including user activity, attack information, and blacklisted clients.

Administrators

You can install all the PingIntelligence components either as a user with sudo access or a normal user (without sudo access). Make sure that the entire deployment is a homogenous deployment. Either all the components should be installed as a sudo user or as a normal user.

Time zone

All PingIntelligence components (ASE, ABS AI Engine, and Dashboard) should be installed using the same time zone, either local or UTC. MongoDB should also be configured to the same time zone as PingIntelligence components.