
API Attack Surface Management Setup

This article describes how to enable and configure API Attack Surface Management to discover your external hosts with their APIs, identify missing WAF/WAAP solutions, and mitigate API Leaks and other vulnerabilities.

Enabling

To use AASM, the Wallarm API Attack Surface subscription plan must be active for your company. To activate it, do one of the following:

  • If you do not have a Wallarm account yet, get pricing information and activate AASM on Wallarm's official site here.

    This activates the Core (freemium) version, and scanning of the domain of the email address you signed up with starts immediately. After activation, you can add more domains to the scope.

    You can keep using the Core version for as long as you need, provided you do not require Enterprise features. See how the versions differ here.

  • If you already have a Wallarm account, contact sales@wallarm.com.

Adding domains

To configure API Attack Surface Management to detect hosts under the domains you select and search for security issues related to these hosts:

  1. Proceed to Wallarm Console → AASM → API Attack Surface section → Configure.

  2. Add your domains to the scope and check the scanning status.

AASM - configuring scope

Wallarm lists all hosts found under your domains and shows the security issues related to them, if any. During a scan, on the Status tab, you can pause or resume scanning for any domain with the pause/play buttons.

Scheduled rescan

Previously added domains are automatically re-scanned once every 7 days. New hosts are added automatically; hosts that were listed earlier but not found during the re-scan remain in the list. The host list is therefore cumulative: a listed host is not necessarily one that was found in the latest scan.
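Because the re-scan keeps hosts that are no longer found, the AASM list alone does not tell you which hosts have quietly dropped out (decommissioned, DNS removed, or moved) since you last looked. The following is an added example, not Wallarm code and not an AASM API: it reproduces the additive list semantics described above over a local copy of the host list and adds first-seen/last-seen tracking so that hosts missing from recent scans can be flagged. The 7-day scan interval is from the page; the 14-day staleness threshold, the host names and the scan dates are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import date


@dataclass
class HostRecord:
    """Local bookkeeping for one discovered host."""
    first_seen: date
    last_seen: date


def merge_scan(inventory: dict, scan_hosts: list, scan_date: date) -> dict:
    """Apply additive rescan semantics: hosts are added or refreshed,
    never removed (this mirrors the AASM behaviour described above)."""
    for host in scan_hosts:
        record = inventory.get(host)
        if record is None:
            inventory[host] = HostRecord(first_seen=scan_date, last_seen=scan_date)
        else:
            record.last_seen = scan_date
    return inventory


def new_hosts(inventory: dict, scan_date: date) -> list:
    """Hosts that first appeared in the scan run on scan_date."""
    return sorted(h for h, r in inventory.items() if r.first_seen == scan_date)


def stale_hosts(inventory: dict, as_of: date, max_age_days: int = 14) -> list:
    """Hosts still in the cumulative list but not seen for max_age_days or more.
    With weekly scans, 14 days means 'missed at least two consecutive scans'
    (the threshold is an assumption, tune it to your scan cadence)."""
    return sorted(
        h for h, r in inventory.items() if (as_of - r.last_seen).days >= max_age_days
    )


# Constructed sample: three weekly scans of one domain. legacy-api disappears
# after the first scan; staging-api shows up in the second.
SAMPLE_SCANS = [
    (date(2024, 1, 1), ["api.example.com", "legacy-api.example.com", "www.example.com"]),
    (date(2024, 1, 8), ["api.example.com", "www.example.com", "staging-api.example.com"]),
    (date(2024, 1, 15), ["api.example.com", "www.example.com", "staging-api.example.com"]),
]


def run_sample() -> dict:
    """Replay the constructed scans into an empty inventory."""
    inventory = {}
    for scan_date, hosts in SAMPLE_SCANS:
        merge_scan(inventory, hosts, scan_date)
    return inventory


if __name__ == "__main__":
    inv = run_sample()
    latest = SAMPLE_SCANS[-1][0]
    print("cumulative list:", sorted(inv))
    print("new on 2024-01-08:", new_hosts(inv, date(2024, 1, 8)))
    print("stale as of", latest, ":", stale_hosts(inv, latest))
```

The cumulative list still contains legacy-api.example.com after two scans in which it was absent, exactly as the AASM list would; the last_seen field is what lets you tell that apart from a host found last week.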

Manual rescan

You can restart, pause or resume scanning for any domain manually at Configure → Status by clicking the play/pause buttons.

Notifications

You automatically receive notifications at your personal email (the one you use to log in) about discovered hosts and security issues, including:

  • Found critical security issues - a detailed description of each issue and instructions on how to mitigate it.

  • Results of every scan - information on all new security issues found during the scan, their distribution by risk level and suggested action items for mitigation.

  • Weekly AASM statistics - information about the hosts and APIs discovered for your configured domains within the last week and the security issues found for them.

The notifications are enabled by default. You can unsubscribe at any moment and configure additional emails to receive all or some of these notifications in Wallarm Console → Configuration → Integrations → Email and messengers → Personal email (your email) or Email report (extra emails), as described here.