Skip to content

API Endpoint Patterns

Design Partner

This feature is only available under feature flag to Design Partners.

Extraction patterns are essential for tailoring Escape's Inventory scope to identify specific API endpoints and schemas relevant to your organization. This section explains how these patterns function, particularly for API endpoints within specified domains and cloud providers.

Default Filter Configuration

Escape's Inventory system automatically populates extraction patterns with domains from major cloud providers for comprehensive coverage. This includes domains such as aws.amazon.com, azure.com, and googleapis.com. When adding a new domain to the exploration scope, the system automatically creates a corresponding wildcard entry (e.g., *.icloud.com), ensuring all subdomains are included in the inventory process.

AI-Driven Suggestions

Escape employs advanced AI to recommend intelligent wildcards for extraction patterns. These recommendations are based on continuous learning from network structure, security configurations, and common patterns across similar organizations. This AI-driven approach streamlines pattern customization, allowing users to enhance API endpoint and schema detection efficiently.

Targeted API Detection

Example 1: Targeting Specific Domains

For an organization with domains such as apple.com, if the aim is to monitor API calls that involve icloud.com but without direct scanning of icloud.com, Escape's patterns manage this efficiently. While apple.com is fully explored—including subdomains and frontends—the references to icloud.com are specifically looked for within the interactions found on apple.com. This method ensures that APIs calling icloud.com are captured as long as they are initiated or referenced within apple.com.

Example 2: Cloud Provider Hosted APIs

When it comes to identifying APIs hosted directly by cloud providers, Escape's patterns are configured to detect these endpoints on the main domain, say example.com, without needing to scan the entire breadth of the cloud provider's infrastructure. This is particularly useful for tracking APIs that are managed through cloud services but are referenced within the company's primary domain.

Conclusion

By configuring extraction patterns to include both broad and specific criteria, Escape's Inventory allows organizations to maintain focused and effective oversight of their API landscape. This targeted approach not only enhances security monitoring but also ensures that the inventory remains relevant and manageable, avoiding unnecessary data overload while still capturing critical API interactions.