Conformance

Interested in seeing how your APIs conform to different security profiles?

Our Conformance tab allows you to choose from a set of security profiles, such as FAPI and FDX, and see how many tests your API endpoints pass or fail. It will also detail what checks an endpoint has failed for easy remediation.

Obtaining Results

To see the Conformance tab and the different security profiles, navigate to the Governance feature from the sidebar.

Once here, select the Conformance tab at the top of the page.

Now you can choose your dates from the date range picker at the top of the page.

From here, you can choose the Security Profile from the dropdown menu or search in the dropdown search bar. If you want to learn more about each of our available security profiles, follow the link here.

Now your results should be loaded.

Reading Results

The results will be shown in a table with each row being a checked endpoint. Below the Security Profile description, you'll find some statistics and a basic overview of the checks conducted.

Above the table, you can choose which columns to view. All are automatically shown, except the ID column. Each column gives various information to quickly inform you of the outcome of the checks.

  1. Method - HTTP Method used for the API call.
  2. Endpoint - the endpoint used for the API call.
  3. Type - the type of request for the API call.
  4. Source - the source of the traffic.
  5. Result - the pass or fail results for the API call.
  6. Failures - if there are any failures, how many were found for this API call.

Each row can also be expanded to show what checks have been failed from the chosen Security Profile.

Also, if you feel the Type of the endpoint has been misclassified, you can change the Classification by selecting the dropdown menu.