OWASP API Top 10
7 TopicsMicrosoft Defender for API Security Dashboard
Microsoft Defender for APIs is a plan provided by Microsoft Defender for Cloud that offers full lifecycle protection, detection, and response coverage for APIs. Defender for APIs is currently in public preview and currently provides security for APIs published in Azure API Management. Microsoft Defender for API plan provides us with amazing capabilities like, giving security admins the visibility to their business-critical managed APIs, provides you with security findings to investigate and improve your API security posture, also provides you with sensitive-data classification (API data classification) where the plan classifies APIs that are exposing, receiving or responding with sensitive data, also comes with real-time threat detection that generates alerts for suspicious activities. Defender for API plan continuously assesses the configurations of your managed APIs and compares them with the best practices and finds misconfigurations which generates security recommendations that will be published on Defender for Cloud's Recommendations page. As you can imagine, that’s a lot of information to keep track. So we wanted to provide you with a single-pane of glass view to help view all the findings associated with the Defender for APIs plan. With this blog, we are introducing you to Microsoft Defender for API Security Dashboard, that provides representation of the security posture of your API’s in different pivots that help you understand the overall security findings, threats in your environment and how to prioritize them. What’s in the Dashboard Defender for API Security dashboard is a workbook that provides a unified view and deep visibility into the issues. This workbook allows you to visualize the state of your API posture for the API endpoints that you have onboarded to Defender for APIs to better understand your unhealthy recommendations and the identified data classifications, authorization status, usage, and exposure of your APIs. You can also investigate detected threats on affected API resources, including the most affected API collections and endpoints, the top alert types, and progression of alerts over time. Pie-Charts & Details Example Overview: The overview section contains six pie-charts that represents the total number of alerts and how they map to the MITRE ATT&CK Tactics, security recommendations, coverage for API endpoints, and coverage for different subscriptions that you have access to. Hardening Recommendations: To drill into security recommendations, select the Hardening Recommendations tab. On this tab, you can investigate your unhealthy recommendations by severity level, see all affected resources, and get security insights such as unauthorized API endpoints that are externally facing and transfer sensitive data. Threat Detection – Alerts The Alerts tab displays your top 10 alerts type, a list of your affected resources, active alerts on selected resources, alerts over time, and a map of your affected APIs. Note You must enable Defender for APIs and onboard API endpoints in order to utilize this workbook How to Deploy Great News...!! This workbook is built into Microsoft Defender for Cloud portal. In the Azure portal > Navigate to Microsoft Defender for Cloud > Workbooks Additional Resources To learn more about Microsoft Defender for API offering, make sure to check out our documentation We are eager to hear your feedback on your experience with Defender for API capabilities. Please take sometime to fill in the survey Learn about API Security Alerts Learn about API Security RecommendationsDefender for APIs Better Together with Azure Web Application Firewall and Azure API Management
This article discusses the interplay between Defender for APIs, Azure Web Application Firewall (Azure WAF), and Azure API Management (APIM). Learn about their combined efforts in protecting APIs throughout their lifecycle, from real-time threat detections to adaptive security with posture management.Boost Security with API Security Posture Management
API security posture management is now natively integrated into Defender CSPM and available in public preview at no additional cost. This integration provides comprehensive visibility, proactive API risk analysis, and security best practice recommendations for Azure API Management APIs. Security teams can use these insights to identify unauthenticated, inactive, dormant, or externally exposed APIs, and receive risk-based security recommendations to prioritize and implement API security best practices.