API Governance Alerts
The API Governance Alerts in AppSentinels are critical for monitoring API behavior and enforcing security policies. These alerts notify security teams about policy violations, unauthorized exposure, and runtime risks associated with APIs.
Use Cases for Governance Alerts
- Detection of new or undocumented APIs
- Exposure of APIs using insecure authentication (e.g., Basic Auth)
- Monitoring of unauthenticated APIs handling sensitive data
- Tracking inactive or deprecated APIs being accessed again
- Detection of sensitive data leaks through URLs or unprotected endpoints
Configuration of Alerts
Governance Alerts can be managed under Settings → Vulnerability → Governance. Each alert can be toggled ON or OFF and assigned a severity level such as Critical, Major, Minor, or Info. The interface allows in-place editing of these configurations.

Viewing Governance Alerts
Once governance controls are active, violations are reported under Vulnerabilities → Events categorized as Governance. These events can be filtered easily using the Event Filters.
Filtering Governance Events
To analyze only governance-related events, navigate to the filter section and set the category to "Governance". Additional filters like Endpoint, Severity, Method, and Date Range can be applied for fine-grained analysis.
Summary Dashboard
The Vulnerability Summary panel gives a high-level view of governance and other security issues. It includes severity distribution, event status, and detection engines like Governance, Passive Scan, and Runtime Scan.
- Total Events: Number of governance violations detected
- Severity Breakdown: Critical, Major, Minor, Info
- Status: Open, False Positive, Analyzed, Risk Accepted, Resolved
- Detection Source: Governance, Passive Scan, Active Scan, Runtime Scan