With the number of APIs increasing constantly right along with the number of cyber attacks, API security has never been so important to success in an enterprise. This MuleSoft Meetup was a co-presentation from Big Compass and PingIntelligence by Ping Identity. We looked at how API security works with MuleSoft including the API development lifecycle and implementing security policies on a live API from Anypoint Platform API Manager. We also displayed the monitoring capabilities from API Manager and what a policy violation might look like.
Then, we had some fun by simulating hacks on our own API. We simulated some common attacks and how API Manager and/or a WAF can block these common attacks.
From there, we dove even deeper by simulating very advanced attacks like OAuth token hijacking, data theft, and DoS attacks that fly under the SLA radar. This is where we implemented PingIntelligence’s Anypoint integration custom API policy, showed how a MuleSoft API can connect with PingIntelligence, and how PingIntelligence uses AI to discover and model normal behavior and learn about your APIs to prevent and report on advanced attacks and instruct Anypoint Platform to stop these requesters.
4. • MuleSoft API Lifecycle
• MuleSoft API Management
• Securing a MuleSoft API
• PingIntelligence with MuleSoft APIs
MuleSoft API Management
and Security