API scan detected on service
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。
Goal
Detect when your API endpoints are being probed by a third party. The goal of the attacker may be to find undocumented APIs or functionality.
Strategy
Monitors the HTTP errors produced by the application in API endpoints and triggers when an elevated rate is detected.
The signal is set to LOW
severity, as the error produced by an API endpoint depends on the actual implementation of each application.
Triage and response
- Review the
4xx
errors to detect if your application is temporarily misbehaving. - Consider temporarily blocking the attacking IP(s) to prevent them from overloading your systems or identifying confidential resources.