The APIs tab in Cloud Risk Posture provides comprehensive visibility into all APIs exposed in your cloud environment, helping you identify security risks and maintain control over your API attack surface.
-
Discover and catalog all APIs, including shadow APIs that may not be officially documented.
-
Identify security misconfigurations such as missing authentication, exposed endpoints, or publicly accessible APIs that should be restricted.
-
Assess risk levels across your API inventory to prioritize remediation efforts.
-
Track API security posture across your cloud infrastructure.
-
Support incident response by identifying compromised or suspicious API activity.
The following table details the actions available in the APIs tab in Cloud Risk Posture.
|
Action
|
Description
|
|
Find API collections
|
|
|
View a list of all the endpoints in an API collection
|
Click the number in the Endpoint paths column to open a table listing each endpoint
|
|
Investigate an API collection in Attack Surface Discovery
|
Click the name of an API collection to view asset details in Attack Surface Discovery.
|
|
Review unauthenticated endpoints in an API collection
|
Click the number in the Unauthenticated endpoints column to open a table listing each unauthenticated endpoint in the collection.
Click the endpoint name in the Resource Details column to view the endpoint in Attack Surface Discovery.
|
|
Review inactive endpoints in an API collection
|
Click the number in the Inactive endpoints column to open a table listing each inactive endpoint.
Click the endpoint name in the Resource Details column to view the endpoint in Attack Surface Discovery.
|