We are excited to announce a significant new capability in our API Security tab, aimed at providing unprecedented visibility into GraphQL-based APIs.
GraphQL is an open-source data query and manipulation language for APIs, along with a runtime for executing queries. It’s a powerful alternative to REST
that enables efficient and flexible data aggregation from multiple sources through a single HTTP
endpoint. This approach simplifies data management, but also introduces unique API security challenges.
Traditional cloud security tools often treat GraphQL interactions monolithically, aggregating data across all queries into a single “GraphQL API.” This approach overlooks the detailed metrics from the query level— metrics that provide insights that are critical for effective API security.
With this extended support for GraphQL HTTP
endpoints, Upwind provides the next level of visibility – now showing you not only GraphQL usage overall, but going deeper to provide visibility into individual queries, so you can understand and secure their usage as individual APIs.
With Upwind’s GraphQL support you can:
- See requests traffic over-time to GraphQL on an aggregate and per-query basis
- View schema on a per-query level
- Go beyond service communication to see the individual GraphQL query requests and responses
This capability not only gives you increased visibility and context into GraphQL, it also allows you to rapidly identify abnormal API communication and proactively guard against threats or suspicious API communications.
To learn more about Upwind’s API Security, visit the Upwind Documentation Center (login required) or send us a message at [email protected]