このページは、まだ日本語ではご利用いただけません。翻訳中です。
Contact 3rd party for support: This plugin is developed, tested, and maintained by Appsentinels
The AppSentinels API Security Platform is purpose-built for keeping the security needs of next-generation applications in mind. At the platform’s core is an AI/ML engine, AI Sentinels, which combines multiple intelligence inputs to completely understand and baseline unique application business logic, user contexts, and intents, as well as data flow within the application, to provide the complete protection your application needs.
How it works
The AppSentinels plugin performs logging and enforcement (blocking) of API transactions. The plugin seamlessly integrates with to provide visibility and protection.
The AppSentinels plugin works in the following two modes:
-
Logging or transparent mode: A copy of the request and response transactions is made and asynchronously shared with AppSentinels Edge Controller to provide visibility and security. Integrations can help provide enforcement, such as blocking of bad IPs and threat actors.
-
Enforcement mode: This mode provides transaction level blocking. Incoming requests are held until the AppSentinels Edge Controller provides a verdict. If the Controller provides a negative enforcement response of enforcement, the request is dropped from further processing. In case of higher latency of a verdict, the plugin performs a fail open to ensure business continuity.
The same plugin supports both modes.
How to install
The AppSentinels plugin is provided as a set of lua scripts.
-
Obtain the plugin directly from AppSentinels or a distributor.
-
Mount/copy the Lua files or create a Kong container image with Lua files (usually at
/usr/local/share/lua/5.1/kong/plugins/appsentinels
). -
Update your loaded plugins list in Kong Gateway.
In your
kong.conf
, appendappsentinels
to theplugins
field. Make sure the field is not commented out.plugins = bundled,appsentinels # Comma-separated list of plugins this node # should load. By default, only plugins # bundled in official distributions are # loaded via the `bundled` keyword.
-
Restart Kong Gateway:
kong restart
Using the plugin
You can use this plugin in one of the following modes: logging/transparent mode (default), or authz/enforcement mode.
Replace localhost:8001
in the following examples with your own Kong admin URL.
Enable logging/transparent mode:
curl -X POST http://localhost:8001/plugins \
--data name=appsentinels \
--data config.http_endpoint=http://onprem-controller:9004
Enable authz/enforcement mode:
curl -X POST http://localhost:8001/plugins \
--data name=appsentinels \
--data config.http_endpoint=http://onprem-controller:9004 \
--data config.authz=true