Merge pull request #258535 from harissohail55/patch-9

v-dirichards · web-flow · commit cabbe5c59b6f · 2023-12-01T15:22:16.000-06:00
Update faq-defender-for-apis.yml
diff --git a/articles/defender-for-cloud/faq-defender-for-apis.yml b/articles/defender-for-cloud/faq-defender-for-apis.yml
@@ -26,7 +26,9 @@ sections:
       
       - question: How does Defender for APIs handle support for API revisions in Azure API Management?
         answer: API revisions in Azure API Management are shown as separate API endpoints within Defender for APIs because each API revision is unique and might have its own security insights. 
-                Offline Azure API Management API revisions aren't shown in the onboarding or security insights blades of Defender for APIs because offline revisions don't allow any traffic to be sent to them and pose no security risk.
+                Offline Azure API Management API revisions aren't shown in the onboarding or security insights blades of Defender for APIs because offline revisions don't allow any traffic to be sent to them and pose no security risk. For Azure API Management API operations, it is advised to always have the current revision of an API operation onboarded when onboarding other non-current revisions for the same operation. 
+                This is to ensure security insights data is accurately reflected in Defender for APIs. After setting a single revision as the current revision, it may take up to 24 hours for Defender for APIs to start receiving HTTP traffic logs for security monitoring of the updated revision, and the previously assigned sensitive information types and sensitivity labels for the current revision will remain present.
+
       - question: Does Defender for APIs collect API traffic logs from Azure API Management?
         answer: Defender for APIs receives a copy of all of the HTTP request and response traffic sent to the API management service for all onboarded APIs. This includes the request URL, the response status code and a subset of HTTP headers for the requests and responses. Also, Defender for APIs receives a copy of some of the HTTP request and response bodies. The request and response bodies received by Defender for APIs are capped at a size of 64KB.
               
