---
title: API Findings
description: Triage detected API risks across definitions, gateways, and live traffic.
breadcrumbs: Docs > Datadog Security > App and API Protection > API Posture > API Findings
---

> For the complete documentation index, see [llms.txt](https://docs.datadoghq.com/llms.txt).

# API Findings

{% callout %}
# Important note for users on the following Datadog sites: app.ddog-gov.com, us2.ddog-gov.com

{% alert level="danger" %}
This product is not supported for your selected [Datadog site](https://docs.datadoghq.com/getting_started/site.md). ({% placeholder "user-datadog-site-name" /%}).
{% /alert %}

{% /callout %}

The [API Findings](https://app.datadoghq.com/security/appsec/inventory/finding) explorer provides a central triage view of the API risks detected across your definitions, gateways, and live traffic. Default rules detect common vulnerabilities and misconfigurations. You can also add [custom rules](https://docs.datadoghq.com/security/application_security/policies/custom_rules.md) for specific use cases.

**API Findings** columns:

- **Severity:** Each issue is ranked by risk.
- **Endpoints:** Shows how many endpoints are affected and their services.
- **Status and Ticketing:** `Open` or `In Progress` tracks remediation progress and workflow integration.

Use the **Service** facet to see each service's endpoints to identify ownership and prioritize by business impact.

## Common operations{% #common-operations %}

Click a finding to view its details and perform a workflow such as Validate > Investigate > Fix > Track:

1. Validate:
   - Review What Happened and Detected In to confirm the detection is accurate (service, endpoint, method).
   - In Next Steps, choose whether to Mute, Create Ticket, or Run Workflow depending on ownership and impact.
1. Investigate:
   - Use the Context tab to examine the endpoint snapshot and attributes (method, path, authentication flags, tags).
   - Detected In provides information for routing ownership and remediation.
   - In Detection Rule Query, you can edit an API finding rule by clicking See Detection Rule.
1. Fix:
   - Follow the guidance under Remediation.
1. Track:
   - Use Create Ticket to link the issue to your tracking system.
   - Use Reference Links for developer education or code review.

## Remediation{% #remediation %}

Datadog API Posture uses [Bits Code](https://docs.datadoghq.com/bits_ai/bits_code.md) to generate code fixes for vulnerabilities.

1. In Datadog, navigate to [**Security** > **App & API Protection** > **Findings**](https://app.datadoghq.com/security/appsec/inventory/finding).
1. Select a finding to open a side panel with details about the finding and the affected endpoint.
1. In the **Next Steps** > **Remediation** section, click **Fix with Bits**.

This opens a Bits Code session to fix this single API finding. You can review the proposed diff, ask follow-up questions, edit the patch, and create a pull request to apply the remediation to your source code repository. View all Bits Code sessions on **Bits AI** > **Bits Code** > [**Sessions**](https://app.datadoghq.com/code).

### Remediation session details{% #remediation-session-details %}

Each Bits Code session shows the life cycle of an AI-generated fix so you can review and validate changes before merging. It includes:

- The original security finding and proposed code change
- An explanation of how and why Bits Code generated the fix
- CI results (if enabled) to validate the patch is safe to deploy
- Options to refine the fix or **Create PR** to apply the changes to your source code repository

To open the remediation session, select the API finding from the [**Findings**](https://app.datadoghq.com/security/appsec/inventory/finding) page to open the side panel, scroll to the **Remediation** section, and select **Expand & Chat**.

You can also view all remediation sessions on [**Sessions**](https://app.datadoghq.com/code).
