Class 4: [Day-1] CE - API Protection and Discovery

Objective:

  1. Protect API with Positive Security Model
  2. Protect specific API Endpoint
  3. Protect API with rate limit policy
  4. API Discovery with AI/ML

Protect API with Positive Security Model

On Widnows jumphost, there are 2 files to be use for this class. Postman collection to test API and OpenAPI/Swagger file to be uploaded onto F5XC Console - API Inventory.

../_images/class4-01.png

Upload trading api inventory

../_images/class4-02.png ../_images/class4-03.png ../_images/class4-04.png

Swagger file successfully uploaded. “trading-oas3” will be the API inventory for trading API.

../_images/class4-05.png

Create API definition from Swagger file

../_images/class4-06.png ../_images/class4-07.png ../_images/class4-08.png

View imported swagger file with the created API definition

../_images/class4-09.png ../_images/class4-10.png ../_images/class4-11.png ../_images/class4-12.png ../_images/class4-13.png ../_images/class4-14.png ../_images/class4-15.png ../_images/class4-16.png ../_images/class4-17.png ../_images/class4-18.png ../_images/class4-19.png ../_images/class4-20.png ../_images/class4-21.png ../_images/class4-22.png ../_images/class4-23.png ../_images/class4-24.png ../_images/class4-25.png ../_images/class4-26.png ../_images/class4-27.png ../_images/class4-28.png ../_images/class4-29.png ../_images/class4-30.png ../_images/class4-31.png ../_images/class4-32.png ../_images/class4-33.png ../_images/class4-34.png ../_images/class4-35.png ../_images/class4-36.png ../_images/class4-37.png ../_images/class4-38.png ../_images/class4-39.png ../_images/class4-40.png ../_images/class4-41.png ../_images/class4-42.png ../_images/class4-43.png ../_images/class4-44.png ../_images/class4-45.png ../_images/class4-46.png ../_images/class4-47.png ../_images/class4-48.png ../_images/class4-49.png ../_images/class4-50.png ../_images/class4-51.png ../_images/class4-52.png ../_images/class4-53.png ../_images/class4-54.png ../_images/class4-55.png

Protect API with rate limit policy

../_images/class4-56.png ../_images/class4-57.png ../_images/class4-58.png ../_images/class4-59.png ../_images/class4-60.png ../_images/class4-61.png

Protect specific API Endpoint

../_images/class4-62.png ../_images/class4-63.png ../_images/class4-64.png ../_images/class4-65.png ../_images/class4-66.png ../_images/class4-67.png ../_images/class4-68.png ../_images/class4-69.png ../_images/class4-70.png ../_images/class4-71.png ../_images/class4-72.png

API Discovery with AI/ML

../_images/class4-73.png ../_images/class4-74.png ../_images/class4-75.png ../_images/class4-76.png