Similar to Distil’s Web Security reports, API Security reports provide integral, real-time information about the traffic and actions protecting your APIs.
Traffic Classifications reports your entire account traffic, giving you a rundown of the request types accessing your APIs.
NOTE: These requests don’t include browser-related information, such as browser type or cookies as seen in the Web Security reports.
API traffic can be classified as:
- Abusive – Requests are violating rules and/or are manually blocked via your Access List.
- Neutral – Requests are passing through without violating any rules.
- Whitelist – Requests are manually allowed via your Access List.
Use the top Filter menu to drill down to a specific domain and focus on a specific date range.
Similar to the Trap Analysis report available in Web Security, Abusive Clients provides a summary of all API request violations caught by Distil. Drill down to each violator to review specific IP addresses targeting your APIs, and then add those malicious IPs to your Access List. This blocks any further attempts against your APIs.
The Organizations report lists all organizations flagged with a violation. Use it to review violating organizations and blacklist them via your Access List.
For more information on using your Access List to block specific organizations, check out our blog post on Dissecting the Dynamic Nature of IP Access Control Lists (ACL).
Similar to the Organizations report, the Countries report shows those countries flagged with a violation.