Tutorials

API Protect Micro API Firewall Reports and Troubleshooting

You’ve seen how 42Crunch can protect your APIs and microservices – now let’s review reporting.

Viewing Transaction Logs

At any time, you can click on transaction logs to view all failed transactions found by the conformance scan and review the full list.

failed-transactions (Custom)

Look up a Specific Error

So one thing that I want to show first is how you can troubleshoot and see that specific transactions that get blocked. Sometimes you can have legitimate users and maybe your partners, your other teams who might have been using your APIs incorrectly – and might have started relying on some sort of hacks of your APIs and using the APIs in a way that you wouldn’t expect. And they might call you and complain that something that used to work, no longer works. All you need to do is ask them for that transaction ID.

Now you can easily go into the 42Crunch console and use that ID to look up the specific transaction and drill down into the details of what went wrong.

Click on Transaction Logs, then paste the ID into the search bar. You will see what exactly happened, what exactly failed and why. You will get detailed information for the requests coming in, and then if response was blocked – what happened to the response.

Non-blocking Mode

There’s a setting to run the firewall in nonblocking mode. This is something that you can use when you don’t yet want to enable the protection, but you want to start getting reports on all the calls that are outside of the contract. So maybe if you are not comfortable yet to start enforcing the protection and you want to just figure out who is using your APIs incorrectly outside of a contract, you can run it in non-blocking mode and see those calls before you enable the protection.

4-audit-report (Custom)

Security Dashboard

You can click on ‘Security Dashboard’ to view overall reporting to see how your APIs are being used.

Latest Resources

WEBINAR

Top Things You Need to Know About API Security

Two of the API security industry’s leading experts, Dr Philippe de Ryck and Isabelle Mauny, guide you through some real-world cases of API security attacks and also share some best practices for securing your APIs.

BLOG

How to Protect APIs from OWASP Authorization Risks: BOLA, BOPLA & BFLA

By Hugh Carroll | February 20, 2024

The OWASP API Top Risks listing identifies three different Authorization challenges  Coding issues relating to Authorization configuration failures continue to present a significant challenge for development and security teams building and protecting APIs. Just read any issue of our fortnightly APIsecurity.io newsletter and you’ll discover that Authorization-based breaches […]

DataSheet

APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.