API Shark

The Free API Discovery & Monitoring Tool

Auto-Discover & Monitor Your Enterprise APIs

Digital transformation trends are propagating enterprise APIs across public, private and hybrid cloud environments faster than you can register and maintain them. Let API Shark discover and monitor your enterprise APIs.

The robust free functionality of API Shark enables:

Automated API Catalogs

Automate your API discovery to build a complete inventory of your enterprise API assets. Better yet, automate the generation of your API specifications in the leading industry standard:
OpenAPI/Swagger.

Proactive Risk Assessment

Automatically generate API blueprints to identify common API risks, such as improper authentication or token re-use. No need to upload your API specification, let API Shark discover it for you.

Deep API Monitoring

Deep API inspection delivers visibility into real-time API calls and API payload metrics. Review API calls to identify risky behavior, such as geographic origin and access to critical assets.

Seamless Deployment

Standalone tool.
No change to code, no need to use shims, and no change to network makes setup a breeze.

Get API Shark

* These fields are required.

Why Use It

For DevOps For SecOps
Adopt a shift left approach to your cloud-native development. Compare and contrast your Dev and Test environments to identify API coverage gaps and issues early. Bridge the gap with DevOps by automatically generating API specifications in OpenAPI/Swagger standards.
Enable live debugging of application API calls in your Dev and Test environments. Enables Identification of the risks within your API specifications.
Monitor API metrics with endpoints and parameters deep into the API call payloads. Automate penetration testing using above-mentioned discovered API specifications to identify vulnerabilities.
Compare and contrast your Dev and Test environments to identify API coverage gaps and issues early. Compare and contrast API specifications between your production and your enterprise catalog to detect & monitor real world attacks on your APIs

How it Works

CloudVector API Shark is supported for all Kubernetes deployments. Identify your applications to be monitored and deploy CloudVector as a sidecar container in your application pods. You are now ready to discover & monitor your APIs.

Automated API Discovery & Risk Assessment

Automatically discover ALL APIs to your application services including Shadow APIs. Enables API Risk assessments of your attack surface.

Enterprise API Catalogs with API Blueprints

Eliminate manual API registration by automating the creation of OpenAPI specifications for continuously discovered APIs.

Deep API Metrics Monitoring

Start monitoring your applications to the API Payload level. API Shark goes deeper than API URL and HTTP headers, enabling you to set your target/dimension to the data within your API payload. For e.g. a API JSON Key or Key & Value within an API Request payload.

Live Network API Call Debugging

Use API Shark to look at the live network API calls for debugging your application services.

Feature Comparison Chart

API SHARK Community Edition Enterprise Edition
API Spec Risk Assessment Upload Spec via Console Integrate into CI/CD
API SHARK Community Edition Enterprise Edition
API Insights Partial Full
API Live View Yes Yes
API Catalog Yes
API SHARK Community Edition Enterprise Edition
API Recording Yes Yes
API Spec Generation – OpenAPI/Swagger 2.0 Format Yes Yes
API Spec Generation – OpenAPI 3.0, RAML Yes
Integration with your CI/CD Pipeline Yes
API Gateway on-boarding Yes (Apigee)
API SHARK Community Edition Enterprise Edition
Kubernetes Yes Yes (MS AKS, AWS EKS, GCP GKE, Self-deployed Kubernetes Clusters)
VM Yes (OS – RedHat, CentOS, Ubuntu, Windows. AWS EC2, Azure Virtual Machine, GCP Compute Engine, Private Data Center)
Nginx Yes
Envoy Yes
F5 Yes
Heroku Yes
AWS Serverless Yes (Lambda)
Virtual SPAN & Tap Yes
Network Tap Yes
API SHARK Community Edition Enterprise Edition
API Design Risks Yes
API Security Risks Yes
API SHARK Community Edition Enterprise Edition
Metrics for basic targets Yes Yes (Targets – Requests, Response Latency, Response Codes, Packet Counts, Total Bytes; Dimensions – API Endpoint, Service IP, Host)
Metrics for advanced targets Yes (Targets – Response Latency, Response Codes, Packet Counts, Packet Size Distribution, Total Bytes; Dimensions – API Payload Keys and Key+Values)
Integration with your APM or 3rd Party Products Yes (Prometheus, Datadog, Splunk, SumoLogic, Grafana)
API SHARK Community Edition Enterprise Edition
Yes
API SHARK Community Edition Enterprise Edition
Yes
API SHARK Community Edition Enterprise Edition
OWASP API Top 10 Yes
API SHARK Community Edition Enterprise Edition
Yes
API SHARK Community Edition Enterprise Edition
IDP Integration Yes
In-line response policy actions Yes
Integration with API Gateways Yes (Apigee, Kong, Mulesoft)
API SHARK Community Edition Enterprise Edition
Standalone Yes Yes
CloudVector Hosted Yes
Hybrid – Standalone + Hosted Yes