Dashboard

When you log in to APIFORT, the dashboard opens by default. It contains the submenus: Traffic Summary, API Discovery, Sensitive Data, and OWASP API 2023.

Traffic Summary¶

Traffic Summary includes data and charts for API Traffic, API Types, Sensitive Data Types, Methods, Severities, and Attack Types. Charts can be customized with date-based filtering.

API Traffics¶

It displays data and charts summarizing all Attacks and Requests within the application.

alt text

Attack Sources¶

It displays the geographic distribution of attack sources on a world map. Each marked point represents a source location from which an attack attempt originated. Below the map, a table provides detailed information, including the location and the corresponding number of hits detected from each source.

alt text

Attack Types¶

It displays the attack types and their counts within the application.

alt text

Sensitive Data Types¶

It displays the Sensitive Data Types and related counts within the application.

alt text

API Types¶

It displays the API Types and related count within the application.

Shadow: APIs that are undocumented or not known to the system.
Orphan: APIs that are no longer in use but still exist within the system.
Used: APIs that are currently active and in use.
Zombie: APIs that are outdated or deprecated but still accessible.

alt text

HTTP Types¶

It provides a list of HTTP types along with the count for each type.

alt text

Methods¶

It displays the method and related count within the application.

alt text

Severities¶

It displays the severity levels and count of attacks within the application.

alt text

API Discovery¶

API Discovery includes data and charts for the Top 10 Risky APIs, Sensitive Data, API Inventory, Risk Score, and API Types.

Top 10 Risky APIs¶

It lists the top 10 APIs with the highest risk levels.

alt text

API Discovery Summary¶

It contains a bar chart that displays the risk scores of APIs by level and pie charts about the API Types.

alt text

Sensitive Data¶

It displays a pie chart with the types of sensitive data in the application and their counts.

alt text

API Inventory¶

It displays the catalog names and endpoint counts of APIs. By selecting the application from the top right corner, users can access the catalogs and endpoints associated with that application.

alt text

Sensitive Data¶

It displays the defined sensitive data with details. It provides counts of Sensitive data types and API Endpoints with Sensitive Data Types.

Top 10 Observed Data Types¶

It displays the top 10 sensitive data types with the highest count.

alt text

Observed Sensitivity¶

It displays sensitivity levels of sensitive data.

alt text

Data Catalog¶

It displays the sensitive data catalog.

alt text

When any catalog is clicked, the corresponding endpoints tab is opened.

alt text

When any endpoint is clicked, its details are displayed.

alt text

OWASP API 2023¶

It displays the compliance of application traffic with OWASP 2023 standards along with relevant details. The filter area allows selecting applications from the system. The content is updated based on the selected application.

alt text

Summary¶

It provides a general summary of OWASP categories. It presents an overview of critical and non-critical items.

alt text

Vulnerabilities¶

Categories vulnerabilities as high, medium, and low based on their numbers.

alt text

Click on a vulnerability to examine its analysis in detail.

alt text