API deception environment - PingIntelligence for APIs

API deception environment - PingIntelligence for APIs - 5.0

PingIntelligence

bundle

pingintelligence-50

ft:publication_title

PingIntelligence

Product_Version_ce

PingIntelligence for APIs 5.0

category

APISecurity

AdvancedAPICybersecurity

Capability

Environment

Product

apisecurity

capability

linux

pi-50

pingintelligence

private

ContentType_ce

Page created: 12 May 2021 |

Page updated: 1 Nov 2021

| 1 min read

5.0 Capability API Security Advanced API Cybersecurity Linux On-Premises Operating System Hosting Environment PingIntelligence for APIs Product Administration User task Security Manager Audience Configuration

A decoy API is configured in ASE and requires no changes to backend servers. It appears as part of the API ecosystem and is used to detect the attack patterns of hackers. When a hacker accesses a decoy API, ASE sends a predefined response (defined inresponse_message parameter in API JSON file) to the client request and collects the request information as a footprint to analyze API ecosystem attacks. ASE does not forward Decoy API request traffic to backend servers.

Decoy API traffic is separately logged in files named with the following format: decoy_pid_<pid_number>__yyyy-dd-mm-<log_file_rotation_time>(for example, decoy_pid_8787__2017-04-04_10-57.log). decoy log files are rotated every 24-hours and stored in the opt/pingidentity/ase/logs directory.

ASE Provides the following decoy API types:

In-context decoy APIs
Out-of-context decoy APIs