APIs are increasingly the number one attack vector for adversaries due to their growing abundance and ease of attack via automated scripts and tools. Most public APIs are under constant attack by skilled human adversaries and growing legions of bots.
Well-designed, secure APIs are critical to mitigating the risk of attack, but it is essential to also actively monitor and defend your APIs – the frontline of your perimeter – via direct integration into SIEM and SOCs.
In this webinar 42Crunch and CyberProof demonstrate how to proactively integrate API access logs into the Azure Sentinel platform, demonstrating the following:
- Ingestion of API logs directly into Log Analytics workspaces.
- Creating basic alerts on common API error conditions.
- Enrichment of API logs with threat intelligence data i.e. known bad IPs.
- Detecting attack patterns for common adversarial tools i.e. Kiterunner.
- Understanding of common bot behaviors and detection techniques.
- Automated protection of APIs via standard Azure protections i.e. firewall.
Get API Security news directly in your Inbox.
By clicking Subscribe you agree to our Data Policy