Forum Discussion

kkuzhal's avatar
Icon for Nimbostratus rankNimbostratus
Nov 06, 2023

Guided Configuration on API security

Hi Folks,

We are using ASM module for some time and there are many application security policies that are in block mode. 

We have some api related application in our environment, now wanted to protect those api based applicaiton through guided configuration. 

Please guide to start with guided configuration with respect to api security. 




1 Reply

  • Hi kkuzhal,

    the guided configuration for AWAF API protection offers two variants.
    1. You have an OpenAPI Specification (formerly Swagger Specification)
    2. You don't

    If you have, it will allow only the specified API endpoint and methods. If you don't, you have to specify them manually. That's pretty much it.

    I like API Protection with APM better, because it includes authentication and rate limiting.