Feature/docs 2642 sbfa and user attribution in api sessions #1412
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,6 @@ | ||
# Sensitive Business Flows <a href="../../about-wallarm/subscription-plans/#waap-and-advanced-api-security"><img src="../../images/api-security-tag.svg" style="border: none;"></a> | ||
|
||
Wallarm's [API Discovery](overview.md) automatically marks specific endpoints as the key ones for some sensitive business flows, such as authentication or account management, billing or SMS gateways functioning, and others. Learn from this article how to use the sensitive business flow functionality. | ||
With the [sensitive business flow](sbf.md) capability, Wallarm's [API Discovery](overview.md) can automatically identify endpoints that are critical to specific business flows and functions, such as authentication, account management, billing, and similar critical capabilities. Learn from this article how to use the sensitive business flow functionality. | ||
Review comment: Sensitive Business Flow (with capital letters) - it's a name of a capability. |
Review comment: use the sensitive business flow functionality to protect your business. |
||
|
||
## Addressed issues | ||
Review comment: We need to change that title to illustrate what we are actually talking about here. Something about the addressed problem itself e.g. Importance of protecting the sensitive business flows or similar. |
Review comment: I think that the "Addressed issues" title provides a clear understanding of what we are talking about. + this is used in other places of the docs similarly. |
||
|
||
|
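Review bot: In the new intro line, `[sensitive business flow](sbf.md)` looks like a link from this page to itself: the sessions page changed in this PR reaches this article as `../api-discovery/sbf.md`, and the heading here is "Sensitive Business Flows". If that is the case, drop the link and keep plain text. The same sentence also uses "critical" twice ("critical to specific business flows ... and similar critical capabilities"); one of them can go.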
@@ -11,7 +11,7 @@ The abuse of the sensitive business flows is ranked six ([API6](https://owasp.or | |
* Implement stronger security measures (e.g., encryption, authentication, access controls, and rate limits). | ||
* Easily produce audit trails and evidence of data protection measures. | ||
|
||
## Automatic marking | ||
## Automatic tagging | ||
|
||
Review comment: Explain the capability first: it is automatic >> you don't need to spend your precious time on manually tagging the endpoints, it works OOTB like magic. |
||
On finding a new endpoint, API Discovery automatically checks if it potentially belongs to one or several sensitive business flows: | ||
Review comment: On discovering a new endpoint, API Discovery automatically checks whether it potentially belongs to one or more sensitive business flows |
||
|
||
|
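Review bot: Renaming the heading `## Automatic marking` to `## Automatic tagging` changes its anchor from `#automatic-marking` to `#automatic-tagging`. The in-page link is updated later in this diff, but links from other pages to the old anchor would break without any build error on this page, so search the docs for `#automatic-marking` before merging. The sentence under the heading, "On finding a new endpoint, ...", is untouched in this hunk, so the rewording requested in review is still open.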
@@ -21,9 +21,9 @@ Automatic checking is performed based on the keywords from the endpoint URL, for | |
|
||
If necessary, later you can manually adjust the list of assigned business flows as described in the section below. | ||
Review comment: The automatic tagging discovers most of the sensitive business flows. However, it is also possible to customize this capability to adjust it to specific business needs of your company. |
Review comment: @MaximBashurov not fixed. "manually adjust" reads like I have to fix something, customize sounds better 'cause it implies meeting the unique needs of a customer. |
||
|
||
## Marking endpoints manually | ||
## Tagging endpoints manually | ||
|
||
To adjust the results of [automatic marking](#automatic-marking), you can manually edit the list of sensitive business flow the endpoint belongs to. You can also manually mark endpoints that do not directly fall under the keyword list. | ||
To adjust the results of [automatic tagging](#automatic-tagging), you can manually edit the list of sensitive business flow the endpoint belongs to. You can also manually tag endpoints that do not directly fall under the keyword list. | ||
|
||
To edit the list of flows the endpoint belongs to, in Wallarm Console, go to API Discovery, then for your endpoint, in the **Business flow & sensitive data**, select one or several flows from the list. | ||
|
||
|
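Review bot: The rewritten paragraph under `## Tagging endpoints manually` carries over "the list of sensitive business flow the endpoint belongs to" from the old text; it should read "sensitive business flows". The unchanged line after it, "in the **Business flow & sensitive data**, select one or several flows", names a UI element without saying what it is (column, field, section), and the unchanged line above the heading still says "manually adjust", which the review thread asks to replace with "customize".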
@@ -33,15 +33,14 @@ You can do the same in the endpoint details. | |
|
||
## Business flows in Sessions | ||
|
||
Wallarm's [API Sessions](../api-sessions/overview.md) group requests of your applications' traffic into user sessions. If some of these requests target the endpoints that in API Discovery were marked as important for some sensitive business flows, such session will be [marked](../api-sessions/exploring.md#sensitive-business-flows) as affecting this business flow as well. | ||
Wallarm's [API Sessions](../api-sessions/overview.md) are used to provide you with the full sequence of user activities and thus give more visibility into the logic of malicious actors. If session's requests affect the endpoints that in API Discovery were tagged as important for some sensitive business flows, such session will be automatically [tagged](../api-sessions/exploring.md#sensitive-business-flows) as affecting this business flow as well. | ||
|
||
Once sessions are assigned with the sensitive business flow tags, it becomes possible to filter them by a specific business flow which makes it easier to select the sessions that are most important to analyze. | ||
|
||
![!API Sessions - sensitive business flows](../images/api-sessions/api-sessions-sbf-no-select.png) | ||
|
||
## Filtering by business flow | ||
Review comment: business flow or sensitive business flow ? |
Review comment: To keep the heading short, I made this fix INSIDE section text. |
||
|
||
Once endpoints are marked with the business flow tags, you can quickly get the list of endpoints belonging to specific business flow to analyze their current state and data. | ||
|
||
To do that, use the **Business flow** filter. | ||
|
||
Once endpoints are assigned with the sensitive business flow tags, it becomes possible to filter all discovered endpoint by a specific business flow (the **Business flow** filter) which makes it easier on protecting the most critical business capabilities. | ||
Review comment: What's the name of the filter in the UI? AFAIK it's the Sensitive Business flow filter. |
Review comment: Also, grammar: Once endpoints are assigned sensitive business flow tags, it becomes possible to filter all discovered endpoints by a specific business flow (using the Sensitive Business Flow filter), making it easier to protect the most critical business capabilities. |
||
|
||
![API Discovery - Filtering by sensitive business flows](../images/about-wallarm-waf/api-discovery/api-discovery-sbf-filter.png) |
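Review bot: The new paragraph under `## Filtering by business flow` has two grammar slips: "filter all discovered endpoint by" should be "endpoints", and "makes it easier on protecting" should be "makes it easier to protect". Under `## Business flows in Sessions`, the new sentence no longer says that API Sessions group requests into user sessions, which the removed line did; keeping that clause would make the following "If session's requests affect the endpoints" (which also lacks an article) easier to follow. The image alt text is also inconsistent within this file: `![!API Sessions - ...` has a `!` inside the brackets, `![API Discovery - ...` does not.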
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -47,7 +47,11 @@ Use the **Time,ms** and **Size,bytes** columns in the session request details to | |
|
||
## Sensitive business flows | ||
|
||
If some of the session requests target the endpoints that in [API Discovery](../api-discovery/overview.md) were [marked](../api-discovery/sbf.md) as important for some sensitive business flows, such session will be marked as affecting this business flow as well. | ||
In [API Discovery](../api-discovery/overview.md), the [sensitive business flow](../api-discovery/sbf.md) capability allows automatic and manual identification of endpoints that are critical to specific business flows and functions, such as authentication, account management, billing, and similar critical capabilities. | ||
Review comment: Sensitive Business Flow |
||
|
||
If the sessions' requests affect the endpoints that in API Discovery were tagged as important for some sensitive business flows, such sessions are automatically tagged as affecting this business flow as well. | ||
Review comment: Grammar: If a session's requests affect endpoints that were tagged as important for sensitive business flows in API Discovery, such sessions are automatically tagged as affecting the corresponding business flow as well. |
||
|
||
Once sessions are assigned with the sensitive business flow tags, it becomes possible to filter them by a specific business flow which makes it easier to select the sessions that are most important to analyze. | ||
Review comment: Grammar: Once endpoints are assigned sensitive business flow tags, it becomes possible to filter all discovered endpoints by a specific business flow (using the Sensitive Business Flow filter), making it easier to protect the most critical business capabilities. |
||
|
||
![!API Sessions - sensitive business flows](../images/api-sessions/api-sessions-sbf-no-select.png) | ||
|
||
|
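Review bot: The second and third added paragraphs under `## Sensitive business flows` repeat, almost word for word, the text this PR adds under `## Business flows in Sessions` on the API Discovery page ("Once sessions are assigned with the sensitive business flow tags, ..."). Keeping the full explanation in one place and a one-sentence summary with a link in the other would stop the two copies from drifting apart. In the middle paragraph, "some sensitive business flows" followed by "this business flow" mixes plural and singular; "the corresponding business flows" reads consistently.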
Review comment: Grammar: Once endpoints are tagged with sensitive business flow labels, it's possible to filter all discovered endpoints by a specific business flow, making it easier to protect the most critical business capabilities.