Secure the application

AppSentinels API Security Platform protects the application against runtime attacks. The runtime security policy protection is broadly classified into:

  • Smart Detection to protect the application from business logic attacks, including those listed in OWASP API Top 10.
  • Open API schema enforcement to protect the application against schema violations and non-conformance with the application's API Schema. 
  • Core Rule Set to protect the application from web application threats and OWASP Top 10 attacks.

Configure security policy

Security policy rules must be configured on the Defend page on the Dashboard. The specific policy rules required may depend on the application architecture and the environment.


Security events

AppSentinels' multi-layered Defence Shield detects policy violations caused by runtime attacks, based on the configured Security policy.

The Security events reported due to violations should be monitored continuously to understand the nature of the security threat and the impact of successful attacks. This can help improve the Security policy configuration and reduce events.

See Security events for more details.

Event insights are available in the Threat and Risk Report. See Reports for more details.


Objectives

Some of the key objectives of securing the application are:

  • Protect the application from Business Logic attacks and Web Application attacks.
  • Monitor the security events to assess the threats and improve the Security Posture of the application.