API Dashboard
The API Dashboard is a centralized hub that helps you monitor, protect, and optimize your API traffic. It provides a unified view of all endpoints, security events, and performance data within a specified time frame.
The dashboard displays real-time metrics, including request counts, latency, error rates, and throughput. It also stores historical data so you can track trends and identify unusual activity over time.
Key Capabilities:
Comprehensive Traffic Metrics
Monitor API usage with detailed analytics, including performance trends and request volumes, to gain full visibility into system activity.
Compliance Reporting
Automatically generate reports that validate adherence to industry standards and internal security policies, ensuring regulatory alignment.
Threat Intelligence
Detect and highlight the most active attacking source IP addresses, enabling rapid identification and response to malicious activity.
Endpoint Inventory and Exposure
Track the total number of endpoints, identify those with applied security policies, and flag endpoints exposing sensitive data.
Security Threat Detection
Provide insights into the origins of attacks and high-risk activity (e.g., abnormal request patterns, suspicious user agents, anomalous IPs).
Data Exposure Risk
Identify endpoints exposing PII/PCI data and highlight those lacking corresponding security policies to mitigate compliance and privacy risks.
Usage Patterns and Operator Insights
Analyze top endpoints, client IP distribution, user-agent presence, and method usage to ensure operational sanity and detect anomalies.
Incident Awareness and Response Readiness
Provide visibility into recent attacks and alert trends, with direct mapping to OWASP Top 10 events.
API Discovery must be enabled for data to populate the dashboard.
Dashboard Sections
Overview
The Overview section provides information about endpoints.
Total endpoints – Aggregate number of endpoints, including both configured and newly discovered endpoints.
Configured – Total number of endpoints for which security profiles have been configured on the App Profiles page.
Newly discovered – Total number of endpoints detected by API Discovery that do not have corresponding security policies.
High risk for abuse – Number of endpoints that have sensitive information and do not have a security policy.
Sensitive data – Total number of endpoints that have sensitive information such as credit card details, personal data, etc.
Traffic
The Traffic section provides a consolidated view of activity across multiple dimensions, including API requests, requests per second, error rate, and mean latency. Metrics are broken down by client IP, method, and user-agent. Hover over the graph to see the total number of successful, blocked, and error requests.
Status:
Displays traffic categorized by HTTP response code:
2xx (Success): Requests processed normally.
4xx (Blocked): Requests denied due to security policies or by the server as client-side errors.
5xx (Errors): Failures caused by server or backend issues.
Status metrics are also aggregated for API traffic, offering visibility into service-level reliability.
Client IP:
Breaks down API traffic by client IP, giving visibility into who is accessing the API and how much each client contributes to overall system load.
Method:
The graph displays the traffic distribution by the HTTP methods used by clients:
GET
POST
PUT
DELETE
PATCH, etc.
User-Agent:
Displays traffic trends based on user-agent headers in client requests:
With User-Agent header: Requests that include the User-Agent header, indicating traffic from standard clients, libraries, or browsers.
Without User-Agent header: Requests without the User-Agent header, often originating from automated tools or scanners. Monitoring these helps identify non‑human activity and strengthen defenses.
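The Traffic breakdowns described above can be cross-checked against raw access logs. The following is an added example, not Barracuda code: it computes the same status, client IP, method, and User-Agent counts from constructed log lines. The combined log format, SAMPLE_LOG, and summarize are assumptions made for this example.

```python
import re
from collections import Counter

# Constructed sample lines in combined log format (not taken from the product).
SAMPLE_LOG = '''\
203.0.113.10 - - [01/Jan/2025:10:00:00 +0000] "GET /api/v1/users HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.10 - - [01/Jan/2025:10:00:01 +0000] "POST /api/v1/login HTTP/1.1" 403 0 "-" "python-requests/2.31"
198.51.100.7 - - [01/Jan/2025:10:00:02 +0000] "GET /api/v1/users HTTP/1.1" 403 0 "-" "-"
198.51.100.7 - - [01/Jan/2025:10:00:03 +0000] "DELETE /api/v1/users/4 HTTP/1.1" 404 0 "-" ""
198.51.100.7 - - [01/Jan/2025:10:00:04 +0000] "PUT /api/v1/orders/9 HTTP/1.1" 502 0 "-" "-"
192.0.2.44 - - [01/Jan/2025:10:00:05 +0000] "PATCH /api/v1/orders/9 HTTP/1.1" 204 0 "-" "curl/8.5.0"
this line is malformed and must be skipped
'''

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) \S+ [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
# Labels follow the dashboard's Status categories.
STATUS_LABEL = {"2": "2xx (Success)", "4": "4xx (Blocked)", "5": "5xx (Errors)"}

def summarize(log_text):
    """Return per-dimension counters matching the Traffic section's breakdowns."""
    out = {"status": Counter(), "client_ip": Counter(), "method": Counter(),
           "user_agent": Counter(), "no_ua_by_ip": Counter(), "skipped": 0}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            out["skipped"] += 1  # count unparseable lines instead of failing
            continue
        out["status"][STATUS_LABEL.get(m["status"][0], "other")] += 1
        out["client_ip"][m["ip"]] += 1
        out["method"][m["method"]] += 1
        # Combined log format records "-" when the header was absent.
        if m["ua"] in ("", "-"):
            out["user_agent"]["without"] += 1
            out["no_ua_by_ip"][m["ip"]] += 1  # which clients omit the header
        else:
            out["user_agent"]["with"] += 1
    return out

if __name__ == "__main__":
    s = summarize(SAMPLE_LOG)
    for key in ("status", "client_ip", "method", "user_agent", "no_ua_by_ip"):
        print(key, dict(s[key]))
    print("skipped", s["skipped"])
```

The no_ua_by_ip counter is an addition beyond the dashboard's listed views; it ties header-less requests back to the client IP breakdown for triage.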
Compliance Issues
Displays the endpoints that do not adhere to industry standards (for example, PII, PCI DSS, HIPAA, GDPR, etc.).
An endpoint is considered non‑compliant if:
It processes data governed by these standards, and
It lacks the required security configuration in App Profiles, or
It is visible in API Discovery but has never been applied or configured.
Top Attacking Source IPs
The geographic map highlights the regions where attack requests originated. At the bottom of the section, the top five attacking client IP addresses are listed. Hovering over any horizontal bar reveals the number of attack requests associated with that specific country or location.
Alerts
Displays all Web Application Firewall (WAF) alerts related to:
Configured App Profile endpoints
API Discovery Recommendation endpoints
Each alert includes:
Attack type (e.g., SQL Injection in parameter)
Endpoint / URL
It also displays attack severity levels for quick prioritization and response.