• Make sure you have admin user privileges to enable or disable the IoAs on APIs.
  • To access the feature click on SETTINGS tab and then click Enable/Disable Attacks on the left pane.

    Screenshot of enable/disable attacks on attack
    Note: The PingIntelligence for APIs dashboard interacts with the API Behavioral Security (ABS) AI Engine, when you enable or disable an attack. If you disable an attack while the ABS AI engine is processing data, ABS may still report attacks for a few minutes. The attack type would be disabled when the next batch of data is processed. When you enable an attack from the disabled state, ABS takes a few minutes to report the API attacks. For more information, see Enable or disable attacks in ABS.
  • Use the toggle button to enable or disable an IoA type. The toggle button will not be present if an IoA cannot be disabled. For example, the following attack IDs cannot be disabled as these are real-time attacks reported by ASE:
    • Attack ID 13: API DDoS Attack Type 2
    • Attack ID 100: Decoy Attack. This attack ID must be disabled from ASE.
    • Attack ID 101: Invalid API Activity. This attack ID must be disabled from ASE.
  • Click on icon to know details such as the time the attack was enabled or disabled and so on. The following screenshot shows the attack details displayed.


    You will always be prompted with a confirmation notification before enabling or disabling an IoA. For example when you try to disable an IoA, you will be prompted with the following notification. Click Submit to confirm. You should see a success notification whenever an attack type is enabled or disabled.

  • Sort the attack types based on attack ID or Is Enabled status.


  • Search based on attack name or attack ID within enabled or disabled attacks.