API - Documentation

Digital Transformations & Innovations

APIs are expected to grow to millions. Your ability to explore these APIs to find and test suitable ones is key to building innovative applications. TeejLab API Discovery platform is built for people with technical as well as non-technical skills to explore various aspects of APIs to accelerate the development of innovative applications.

Learning & Exploring API Basics

In this video a TeejLab high-school intern explains APIs; API Discovery and Digital Innovations. A must watch video for aspiring API programmers and students.

Claiming APIs

TeejLab API Discovery has indexed thousands of APIs. Many of these APIs are fully configured (with parameters and authentication details) so that you can make trial API calls. APIs that are not fully configured can be claimed to provide additional details. Once configured, these APIs can then be called by users for making live calls. In this video, Priyansh explains how to claim such APIs for TeejLab marketplace.

Adding APIs

This video demonstrates adding APIs in the API Discovery Platform.

Adding APIs with API Key Authentication

APIs can be authenticated many ways. Using API keys for authentication is one of the popular methods. In this video, Ishaan talks about adding APIs (in TeejLab API Discovery platform) that requires API key based authentication.

API Discovery, Security & Governance

Industry’s first comprehensive API Discovery and Governance solution to manage legal, business, financial and regulatory risks introduced by public, private, free, and even paid APIs:

(1) Discover hidden/shadow APIs via industry leading Static and Dynamic Analysis.
(2) Empower developers with automated Source Code Scanning and API Benchmark tools that help them build applications faster without compromising on security and legal risks.
(3) Govern private, public, free, and paid APIs through internal and external marketplaces.
(4) Enable InfoSec teams with automated Network Scanning tools to detect and prevent unauthorized access to digital resources facilitated by myriad of APIs.
(5) Empower leadership teams with powerful analytics having compliance and business insights to make informed decisions during vendor/partner selections and M&A transactions.

API Security - Executing OWASP Top-10 & CIS Top-20 Security Tests

In this video tutorial, Won Woo demonstrates API Security framework in the API Discovery and Security Management™ platform. This framework can be used for security testing of APIs. It supports OWASP Top-10 and CIS Top-20 (General) AP security tests.

API Security - Automating API Testing

In this video, Gaurav Satija talks about USPS data breach in 2017, which lead to breach of 60 million customers data due to weaknesses in API authentication.

He demonstrates how TeejLab’s API Discovery platform could have helped in prevented such data breached through Automated Security Test features.

API Security - Legal Risk Management

API Discovery and Security™ is a cloud-based Software as a Service (SaaS) platform for end-to-end API Management programs. It allows organizations to find and test Public/Open APIs, benchmark Private/Internal APIs with industry leading standards, and monitor APIs on regular basis for security and legal risk management.

Users can perform automated security tests using OWASP top-10 and CIS top-20 frameworks to find and mitigate API-specific vulnerabilities. That helps enterprises in managing legal risks (such as compliance with GDPR, HIPPA, EU-US Privacy Shield, SOC2, PCI-DSS, ISO27001) and security threats (such as unauthorized access and SQL injection problems leading to data breaches) even before APIs are integrated with various SaaS/cloud products and services.

Users can also perform Software Composition Analysis to discovery embedded APIs from software applications. Users can generate security and compliance reports (in pdf, CSV, etc.) to collaborate with different stakeholders across organizations.

Ultimately, API Discovery™ helps enterprises in achieving their digital and data monetization objectives without compromising on their data privacy, security and integrity obligations.

Data Sheet - API Discovery Manager

API Discovery Manager is designed to bring more transparency to enterprises that have less visibility into their applications (due to unknown APIs that connect various internal and external systems). Discover hidden or shadow APIs via static analysis (scan software repositories) or through dynamic analysis (scan networks or servers).

Discovery is enabled via world’s first comprehensive API KnowledgeBase™ - a curated repository of public and private APIs with advanced search capabilities to find APIs by needs, vendors, industries, sample responses, etc. Explore and analyze associated API agreements, regulatory/compliance requirements while making “one-click” live calls to test and compare responses. An ideal platform for benchmarking APIs and picking the most suitable ones that meet your price-value-risk criteria.

Refer to the attached data sheet for more details.

Data Sheet - API Security Manager

API Security Manager is designed to benchmark and test discovered/hidden and internal/external APIs. This is to ensure that security and compliance posture of your APIs is robust. It provides a holistic security testing workbench that can be embed within CICD pipeline to scale the automated testing of APIs using OWASP top-10, CIS top-20, and other custom frameworks. Various forms of API responses (text, images, audios) can also be benchmarked using different metrics. Read the attached data sheet for more details.

Webinar - ISACA Austin Chapter

APIs benefit organizations immensely through accelerated innovations, newer business models, competitive differentiation, but organizations are also negatively impacted by APIs due to their weak security posture leading to business disruptions, legal and compliance issues. Gartner has actually predicted that by 2022, API abuses will be the most frequent attack vector resulting in data breaches for web applications. Given the importance of APIs for digital transformation at organizations, it is imperative for their Security, Compliance and Audit professionals to get a handle on APIs to manage various API related risks. This session will provide an overview of an API Governance framework for effective API Risk Management. This framework is inspired by the Zero Trust model that enterprises can use as a “Swiss Knife” for reducing their API related risks. We’ll also highlight best practices and hands-on examples for API Risk Management.

Webinar - ISACA Sri Lanka Chapter

TeejLab CEO, Baljeet Malhotra @ ISACA Sri Lanka. Web APIs contribute 83% of the Internet traffic today. APIs benefit organizations immensely through accelerated innovations, newer business models, competitive differentiation. But the growing API usage also means increased cybersecurity risks for enterprises. Given the importance of APIs in digital transformation and the risk they pose to enterprises, it is imperative for Security, Compliance and Audit professionals to better understand various API risks.

Training - Cyber Fraud Management through Digital Forensics

Digital Forensics involves understanding an organization's IT systems and processes including infrastructure, applications, data usage and management policies, procedures, and operational preparedness (against recognized industry standards and best practices) to uncover various forms of digital frauds. Web APIs are common glue that connect these digital ecosystems with people and processes all across the globe. APIs have the power to impact organizations both positively (through innovations, new business models, competitive differentiation) and negatively (due to security, business disruptions, legal and compliance issues). These impacts are compounding with increased API footprint of enterprises. Not surprisingly, Web APIs are contributing up to 85% of the Internet traffic enabling various digital operations.

It is imperative for Fraud Examiners and Audit Professionals to better understand various digital frauds in the cyber-world that could occur through APIs posing various risks to organizations. In this context API Forensics has become an important aspect of technology due diligence, especially for detecting business frauds and crimes. In this session, we'll go through the details of an API-Forensics process containing hands-on-training scenarios to help Fraud Examiners, Auditors, Compliance and Cybersecurity practitioners. We’ll also highlight industry best practices thorough hands-on examples for API Risk Management.