Manage your Defender for APIs deployment
This article describes how to manage your Microsoft Defender for APIs plan deployment in Microsoft Defender for Cloud. Management tasks include offboarding APIs from Defender for APIs.
Defender for APIs is currently in preview.
Offboard an API
In the Defender for Cloud portal, select Workload protections.
Select API security.
Next to the API you want to offboard from Defender for APIs, select the ellipsis (...) > Remove.
Optional: You can also select multiple APIs to offboard by selecting the APIs in the checkbox and then selecting Remove:
Query your APIs with the cloud security explorer
You can use the cloud security explorer to run graph-based queries on the cloud security graph. By utilizing the cloud security explorer, you can proactively identify potential security risks to your APIs.
There are three types of APIs you can query:
API Collections: API collections enable software applications to communicate and exchange data. They are an essential component of modern software applications and microservice architectures. API collections include one or more API endpoints that represent a specific resource or operation provided by an organization. API collections provide functionality for specific types of applications or services. API collections are typically managed and configured by API management/gateway services.
API Endpoints: API endpoints represent a specific URL, function, or resource within an API collection. Each API endpoint provides a specific functionality that developers, applications, or other systems can access.
API Management services: API management services are platforms that provide tools and infrastructure for managing APIs, typically through a web-based interface. They often include features such as: API gateway, API portal, API analytics and API security.
To query APIs in the cloud security graph:
Sign in to the Azure portal.
Navigate to Microsoft Defender for Cloud > Cloud Security Explorer.
From the drop-down menu, select APIs:
Select all relevant options.
Add any other conditions.
You can learn more about how to build queries with cloud security explorer.
Learn about Defender for APIs.