API security rules let you manage threat actions specific to individual API paths. Offering high granularity, the degree of protection complexity is up to you.
Click the Security Rules icon (highlighted in red, above) to tailor security rules for one or more domains.
One option lets you set a trigger action generic to all APIs associated with a single domain. Alternately, you can dial in specific responses to be triggered at different threat levels on an individual path basis.
If you’re managing 100 APIs, you can set a unique rule for each. Set 30 basic APIs to only monitor traffic, but heighten the security of your 15 most sensitive APIs to block highly active traffic.
There are two types of actions available for your APIs:
- Monitor – Capture and identify malicious activity without blocking access to your APIs.
- Block – Prevent access to your APIs.
Start protecting your API domains by adding a security rule.