This product is not supported for your selected Datadog site. ().
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください

Use API Posture in App and API Protection (AAP) to discover your APIs, assess the risks they expose, and track your security posture.

To get started, set up AAP on your services to discover endpoints from your live traffic. Other data sources, such as Amazon API Gateway and source code, require additional setup; see API Endpoints for details.

How API Posture works

API Posture brings together several capabilities, all built on the same live API data. With them, you can:

  • Discover which APIs exist with API Inventory. Inventory is a continuously updated catalog of the endpoints and services discovered across your environment, including those that are undocumented or no longer in use.
  • Assess what each API exposes with API Findings and Sensitive Data. Findings aggregate the vulnerabilities and misconfigurations tied to your endpoints, and sensitive data tagging shows which endpoints process PII, credentials, or payment data.
  • Verify which endpoints are publicly accessible, and which require authentication, using Endpoint Scanning. Endpoint Scanning probes your endpoints from outside your environment, rather than inferring behavior from observed traffic.
  • Measure your organization-wide posture in the API Posture section of the Overview page. It shows how your endpoints are discovered, which ones are exposed to attacks or process sensitive data, and your open findings by severity.
  • Track your security posture against industry-standard frameworks with Compliance. It maps API security detection rules to OWASP API Security Top 10 controls and shows a real-time score of passing and failing controls across your services.

Further reading

お役に立つドキュメント、リンクや記事: