Tips on API monitoring

  • Track your functional uptime with comprehensive, end-to-end testing for both functionality and performance. Simple ping tests are usually not enough to meet your service level agreements (SLAs).
  • Since 95% of API vulnerabilities are due to human error, add monitoring at 5-minute intervals for breaches and downtime. Integrate automated testing into every step of your CI/CD pipeline to filter out human errors and make sure you have load-testing capabilities too.
  • But you should beware of

- tools that perform ‘synthetic testing’ and cannot reproduce actual consumer flows.

- tools that use third-party clouds, adding another layer of insecurity to your API (have internal APIs use on-premise tools instead).

- having separate testing and monitoring solutions.

- tests that are not detailed enough for intelligent results.

Full post here, 4 mins read