Wallarm API Security Wallarm updates logo

Wallarm updates

Discover the latest features, improvements, and updates in Wallarm API Security

Subscribe to Updates

Labels

  • All Posts
  • API Security
  • WAAP
  • ANNOUNCEMENT
  • IMPROVEMENT
  • FIX
  • FAST

Jump to Month

  • April 2025
  • March 2025
  • February 2025
  • January 2025
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • March 2022
  • February 2022
  • December 2021
  • November 2021
  • October 2021
  • August 2021
  • April 2021
  • March 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • December 2019
  • October 2019
  • August 2019
  • April 2019
4 years ago

Wallarm API Discovery

know-your-api-post (1).png

What do you know about your APIs? Why are the vulnerable v2 and v3 still exposed if they are deprecated for almost a year? What else is exposed, and you don’t even know? Are Swagger specs up to date? (Teaser: Surely not). A lot of questions, right? Meet Wallarm’s latest feature for API Discovery and Observability to better understand and protect your APIs.

Wallarm API Discovery identifies all APIs including shadow and zombie APIs and gives you up-to-date specs — based on the actual API usage.

So how where exactly can API Discovery help? There are two major ways:

  • Firstly, API inventory. The larger the company, the fewer the people that actually know what you have exposed. Different endpoints are owned by different teams. Add here multiple versions of APIs — some that are already deprecated and some still maintained — and this very soon becomes a total mess. You can easily have some outdated (and vulnerable) version of the API method exposed — and nobody will even know! It’s called a Shadow API. The only way to get full visibility is to see what APIs are actually used and how they are used, based on the traffic.
  • Secondly, up-to-date API specs. We bet you wouldn’t be surprised that specs are very often behind. It’s a life after all and docs are rarely properly updated. But you would be amazed by how significant the difference between docs and reality can be. For some APIs, you can have no Swagger at all. Or, you can have docs that clearly say that /checkout method has five parameters. Meanwhile, real traffic can show that there are plenty of requests that actually have six parameters, with one of them optional. Think of it as Swagger / OpenAPI specs generated based on the traffic.

Join the early access program by sending a note to request@wallarm.com and read a blog post for more details.

Avatar of authorWallarm team