Treblle Docs

Home-Security dashboard

The Home-Security dashboard provides a real-time overview of your API security posture across all environments, gateways, and services. It aggregates key safety metrics into a single view so you can quickly understand what risks exist across your APIs.

This dashboard is powered by real-time API traffic analysis so you can see what’s happening with your APIs in production.

Security Overview Cards

Below the top banner are key security indicators:

Vulnerable APIs

Number of APIs currently flagged with known issues or risks.

APIs with Incidents

APIs that have triggered security or operational incidents.

Zombie APIs

APIs that exist but show little or no recent activity — often forgotten and unmaintained.

Non-Compliant APIs

APIs that violate governance, security, or compliance standards.


PII Footprint

This table highlights APIs that may expose sensitive data.

  • API: API name
  • Risk: Severity level (Low, Medium, High)
  • Problems: Number of detected issues
  • Occurrences: Frequency of incidents
  • Last Occurrence: Most recent detection

Impacted Customers

This section shows how security issues affect real users.

  • Customer: Which customers are impacted
  • API: Which APIs are involved
  • Failed Requests: Number of failed or problematic requests

API Distribution and Vulnerability Analysis

Understanding exposure types helps assess risk boundaries.

APIs by Type

Breakdown of APIs by:

  • Internal
  • External
  • Partner

BFLA (Broken Function Level Authorization)

Shows APIs vulnerable to authorization flaws.

  • API: Name of the API
  • BFLA #: Number of requests that failed the BFLA mechanism check

Authentication Types

Displays the security level of APIs.

  • API: Name of the API
  • Authentication: The authentication level, which can be basic, bearer, custom, or No Auth (no authentication)
  • Status Indicator: The status, which can be secure (authentication is proper and in place), risky (weak or misconfigured), or No Auth

BOLA (Broken Object Level Authorization)

Lists APIs vulnerable to object-level access issues.

  • API: Name of the API
  • BOLA#: Number of requests that failed the BOLA mechanism check
  • Status: Access status, usually marked as 403 with the message Forbidden

Risky IPs Map

Visual representation of suspicious or risky traffic sources. Used to:

  • Identify geographic attack patterns
  • Detect unusual traffic spikes
  • Support incident investigation

Security and Safety Checks

Tracks API security issues aligned with OWASP standards.

Zombie APIs

Lists APIs that are inactive or abandoned.

  • API: Name of the API
  • Last Active: Last time this API was active

OWASP 10

Tracks API security issues aligned with OWASP standards.

  • OWASP: Shows the category of security risk, classified as API#(1-10), with a security misconfiguration (e.g. SQL injection)
  • Endpoints: Shows affected endpoints as a percentage
  • Status: Status, usually marked as Fail

Unsecured APIs

Highlights APIs lacking proper authentication.

  • API: Name of the API
  • Authentication: The authentication level, which can be Bearer Token / OAuth, API Key, Basic Auth, or None/Unknown (the default when no auth is detected)

Filters & Controls

At the top-right of the dashboard, you can filter data by:

  • Environment (e.g. production, staging)
  • Category (e.g. end user, department)
  • Time range (e.g. last 24 hours)
