[API Shield] Security Overview update + some naming edits (#24536)

* list

* naming

* more naming

* Apply suggestion from @Oxyjun

Co-authored-by: Jun Lee <[email protected]>

---------

Co-authored-by: Jun Lee <[email protected]>

Author: 2 people

src/content/docs/api-shield/api-gateway.mdx

@@ -1,6 +1,5 @@
 ---
 pcx_content_type: concept
-
 title: API Gateway
 sidebar:
   order: 7
@@ -11,7 +10,7 @@ Cloudflare API Shield empowers you to use Cloudflare as your API Gateway, provid
 
 APIs are fundamental to modern applications but are increasingly targeted by malicious actors. Cloudflare API Shield offers a comprehensive solution to protect, manage, and build your APIs.
 
-- **Enhanced security**: Implement robust runtime protection such as JWT validation, mutual TLS (mTLS) authentication, schema validation, and protection against the [OWASP Top 10 API Security risks](https://owasp.org/www-project-api-security/).
+- **Enhanced security**: Implement robust runtime protection such as JWT validation, mutual TLS (mTLS) authentication, Schema validation, and protection against the [OWASP Top 10 API Security risks](https://owasp.org/www-project-api-security/).
 
 - **Efficient management and monitoring**: Utilize tools for endpoint management, analytics, and routing to streamline API operations. Highlight risks with Posture Management, and gain visibility with Security Analytics and Security Center Insights.
 

src/content/docs/api-shield/changelog.mdx

@@ -39,19 +39,19 @@ Customers can now organize their endpoints by use case and custom labels using t
 
 **API Shield fields in Custom Rules**
 
-Customers can now use API Shield product feature fields in [custom rules](/waf/custom-rules/), referencing features such as [JWT Validation](/api-shield/security/jwt-validation/), [session identifiers](/api-shield/get-started/#session-identifiers), and [Schema Validation](/api-shield/security/schema-validation/).
+Customers can now use API Shield product feature fields in [custom rules](/waf/custom-rules/), referencing features such as [JWT validation](/api-shield/security/jwt-validation/), [session identifiers](/api-shield/get-started/#session-identifiers), and [Schema validation](/api-shield/security/schema-validation/).
 
 ## 2024-09-25
 
-**Fallthrough rule for Schema Validation 2.0**
+**Fallthrough rule for Schema validation 2.0**
 
-Customers can now enable the [Fallthrough Action](/api-shield/security/schema-validation/#add-validation-by-adding-a-fallthrough-rule) for Schema Validation 2.0 to block or log requests that do not match the endpoints listed in schemas protected by Schema Validation 2.0.
+Customers can now enable the [Fallthrough Action](/api-shield/security/schema-validation/#add-validation-by-adding-a-fallthrough-rule) for Schema validation 2.0 to block or log requests that do not match the endpoints listed in schemas protected by Schema validation 2.0.
 
 ## 2024-08-28
 
-**Increased capacity for Endpoint management and Schema Validation**
+**Increased capacity for Endpoint management and Schema validation**
 
-Endpoint management and Schema Validation now support up to 10,000 saved and validated API endpoints.
+Endpoint management and Schema validation now support up to 10,000 saved and validated API endpoints.
 
 ## 2024-07-08
 
@@ -73,9 +73,9 @@ Customers can now use the fields inside [JSON Web Tokens (known as claims)](/api
 
 ## 2024-04-30
 
-**Build Sequence Mitigation rules via the Cloudflare dashboard**
+**Build sequence mitigation rules via the Cloudflare dashboard**
 
-Customers can now build [Sequence Mitigation](/api-shield/security/sequence-mitigation/) rules with a new user interface inside the API Shield section of the [Cloudflare dashboard](https://dash.cloudflare.com/).
+Customers can now build [Sequence mitigation](/api-shield/security/sequence-mitigation/) rules with a new user interface inside the API Shield section of the [Cloudflare dashboard](https://dash.cloudflare.com/).
 
 ## 2024-02-23
 

src/content/docs/api-shield/frequently-asked-questions.mdx

@@ -59,7 +59,7 @@ Not currently.
 
 ## What version of OpenAPI specification do you support?
 
-The importing ([Schema validation](/api-shield/security/schema-validation/)) and exporting ([Schema Learning](/api-shield/management-and-monitoring/#endpoint-schema-learning)) of OpenAPI schemas from our product to customers is done using **OpenAPI v3.0**. Any specifications using patched versions (3.0.x) are compatible as well.
+The importing ([Schema validation](/api-shield/security/schema-validation/)) and exporting ([Schema learning](/api-shield/management-and-monitoring/#endpoint-schema-learning)) of OpenAPI schemas from our product to customers is done using **OpenAPI v3.0**. Any specifications using patched versions (3.0.x) are compatible as well.
 
 ---
 

src/content/docs/api-shield/get-started.mdx

@@ -56,7 +56,7 @@ Cloudflare’s machine learning models have already inspected your existing traf
 
 :::note
 
-Schema validation, Schema Learning, JWT validation, Sequence Analytics, Sequence Mitigation, and rate limit recommendations only run on endpoints saved to Endpoint Management. 
+Schema validation, schema learning, JWT validation, Sequence Analytics, sequence mitigation, and rate limit recommendations only run on endpoints saved to Endpoint Management. 
 :::
 
 You can save your endpoints directly from [API Discovery](/api-shield/management-and-monitoring/#add-endpoints-from-api-discovery), [Schema validation](/api-shield/management-and-monitoring/#add-endpoints-from-schema-validation), or [manually](/api-shield/management-and-monitoring/#add-endpoints-manually) by method, path, and host.
@@ -101,7 +101,7 @@ You can export your learned schemas in the [Cloudflare dashboard](/api-shield/ma
 
 You can observe the top sequences in your API traffic that contain endpoints stored in Endpoint Management. We rank sequences by Correlation Score. High-scoring sequences contain API requests which are likely to occur together in order.
 
-[Sequence Mitigation](/api-shield/security/sequence-mitigation/) allows you to enforce request patterns for authenticated clients communicating with your API. Use Sequence Analytics to better understand the request sequences used by your API clients.
+[Sequence mitigation](/api-shield/security/sequence-mitigation/) allows you to enforce request patterns for authenticated clients communicating with your API. Use Sequence Analytics to better understand the request sequences used by your API clients.
 
 You should apply all possible API Shield protections (rate limiting suggestions, Schema validation, JWT validation, and mTLS) to API endpoints found in high correlation score sequences that make up the critical request flows in your application. You should also check their specific endpoint order with your development team.
 

src/content/docs/api-shield/management-and-monitoring/endpoint-management/index.mdx

@@ -86,7 +86,7 @@ There are two ways to add API endpoints from Discovery.
   </TabItem>
 </Tabs>
 
-### Add endpoints from Schema Validation
+### Add endpoints from Schema validation
 
 <Tabs syncKey="dashNewNav">
   <TabItem label="Old dashboard">

src/content/docs/api-shield/reference/terraform.mdx

@@ -68,7 +68,7 @@ It is required to configure Endpoint Management if you want to set up Schema val
 Refer to the example configuration below to manage [Schema validation 2.0](/api-shield/security/schema-validation/api/) on your zone.
 
 ```tf title="Example configuration"
-# Schema that should be used for schema validation 2.0
+# Schema that should be used for Schema validation 2.0
 resource "cloudflare_api_shield_schema" "example_schema" {
   zone_id                   = var.zone_id
   name                      = "example-schema"

src/content/docs/api-shield/security/index.mdx

@@ -1,6 +1,5 @@
 ---
 pcx_content_type: navigation
-
 title: Security
 sidebar:
   order: 4
@@ -11,7 +10,14 @@ import { DirectoryListing } from "~/components"
 
 Cloudflare offers the following features to help secure your APIs:
 
-<DirectoryListing />
+| Discovery & management | Posture management | Runtime protection |
+| --- | --- | --- |
+| [API Discovery](/api-shield/security/api-discovery/) | [Volumetric Abuse Detection](/api-shield/security/volumetric-abuse-detection/) | [Schema validation](/api-shield/security/schema-validation/) |
+| [Schema learning](/api-shield/management-and-monitoring/endpoint-management/schema-learning/) | [Authentication Posture](/api-shield/security/authentication-posture/) | [JWT validation](/api-shield/security/jwt-validation/) |
+| [Sequence Analytics](/api-shield/security/sequence-analytics/) | [BOLA vulnerability detection](/api-shield/security/bola-vulnerability-detection/) | [Sequence mitigation](/api-shield/security/sequence-mitigation/) |
+| | [Risk labels](/api-shield/management-and-monitoring/endpoint-labels/#risk-labels) | [Mutual TLS (mTLS)](/api-shield/security/mtls/) |
+| | | [GraphQL query protection](/api-shield/security/graphql-protection/) |
+
 
 ## Example Cloudflare solutions
 
@@ -21,20 +27,20 @@ The following table provides examples of how you might match Cloudflare products
 
 | OWASP issue                                     | Example Cloudflare solution                                                                                                                            |
 | ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ |
-| Broken Object Level Authorization               | [Broken Object Level Authorization vulnerability detection](/api-shield/security/bola-vulnerability-detection/), [Sequence Mitigation], [Schema validation], [JWT validation], [Rate Limiting]                                                                          |
+| Broken Object Level Authorization               | [BOLA vulnerability detection](/api-shield/security/bola-vulnerability-detection/), [Sequence mitigation], [Schema validation], [JWT validation], [Rate Limiting]                                                                          |
 | Broken Authentication                           | [Authentication Posture](/api-shield/security/authentication-posture/), [mTLS](/api-shield/security/mtls/), [JWT validation], [Exposed Credential Checks](/waf/managed-rules/check-for-exposed-credentials/), [Bot Management](/bots/) |
 | Broken Object Property Level Authorization      | [Schema validation], [JWT validation]                                                                                                                  |
-| Unrestricted Resource Consumption               | [Rate Limiting], [Sequence Mitigation], [Bot Management], [GraphQL Query Protection]                                                                   |
+| Unrestricted Resource Consumption               | [Rate Limiting], [Sequence mitigation], [Bot Management], [GraphQL Query Protection]                                                                   |
 | Broken Function Level Authorization             | [Schema validation], [JWT validation]                                                                                                                  |
-| Unrestricted Access to Sensitive Business Flows | [Sequence Mitigation], [Bot Management], [GraphQL Query Protection]                                                                                    |
+| Unrestricted Access to Sensitive Business Flows | [Sequence mitigation], [Bot Management], [GraphQL Query Protection]                                                                                    |
 | Server Side Request Forgery                     | [Schema validation], [WAF managed rules], [WAF custom rules](/waf/custom-rules/)                                                                       |
-| Security Misconfiguration                       | [Sequence Mitigation], [Schema validation], [WAF managed rules], [GraphQL Query Protection]                                                            |
-| Improper Inventory Management                   | [Discovery](/api-shield/security/api-discovery/), [Schema Learning](/api-shield/management-and-monitoring/#endpoint-schema-learning)                   |
+| Security Misconfiguration                       | [Sequence mitigation], [Schema validation], [WAF managed rules], [GraphQL Query Protection]                                                            |
+| Improper Inventory Management                   | [Discovery](/api-shield/security/api-discovery/), [Schema learning](/api-shield/management-and-monitoring/#endpoint-schema-learning)                   |
 | Unsafe Consumption of APIs                      | [JWT validation], [WAF managed rules]                                                                                                                  |
 
 [Schema validation]: /api-shield/security/schema-validation/
 
-[Sequence Mitigation]: /api-shield/security/sequence-mitigation/
+[Sequence mitigation]: /api-shield/security/sequence-mitigation/
 
 [JWT validation]: /api-shield/security/jwt-validation/
 

src/content/docs/api-shield/security/jwt-validation/jwt-worker.mdx

@@ -11,7 +11,7 @@ head:
 
 import { Steps } from "~/components"
 
-Use a Worker to automatically keep your identity provider’s latest public key in the JWT Validation configuration.
+Use a Worker to automatically keep your identity provider’s latest public key in the JWT validation configuration.
 
 ## Prerequisites
 

src/content/docs/api-shield/security/schema-validation/api.mdx

@@ -1,46 +1,46 @@
 ---
-title: Configure Schema Validation via the API
+title: Configure Schema validation via the API
 pcx_content_type: how-to
 
 sidebar:
     label: API
 head:
   - tag: title
-    content: Configure Schema Validation
+    content: Configure Schema validation
 ---
 
 import { GlossaryTooltip, Steps, APIRequest } from "~/components"
 
-Schema Validation 2.0 allows all corresponding configuration calls to be made via API. This validation centers more around individual <GlossaryTooltip term="API endpoint">endpoints</GlossaryTooltip> and lets you set mitigation actions for each endpoint individually. Additionally, you can use Cloudflare-provided learned schemas that we [learn automatically](/api-shield/management-and-monitoring/#endpoint-schema-learning) from your traffic for individual endpoints.
+Schema validation 2.0 allows all corresponding configuration calls to be made via API. This validation centers more around individual <GlossaryTooltip term="API endpoint">endpoints</GlossaryTooltip> and lets you set mitigation actions for each endpoint individually. Additionally, you can use Cloudflare-provided learned schemas that we [learn automatically](/api-shield/management-and-monitoring/#endpoint-schema-learning) from your traffic for individual endpoints.
 
 :::note
 
-[Classic Schema Validation documentation](/api-shield/reference/classic-schema-validation/) is available for reference only.
+[Classic Schema validation documentation](/api-shield/reference/classic-schema-validation/) is available for reference only.
 :::
 
-## Upload schemas via the API to Schema Validation
+## Upload schemas via the API to Schema validation
 
 <Steps>
 1. Upload a schema.
 2. Ensure that your endpoints are added in Endpoint Management.
 3. Set the schema to `active` if it is not already done.
-4. Set the Schema Validation zone-wide action from `none` to `log`.
+4. Set the Schema validation zone-wide action from `none` to `log`.
 5. Send test traffic that violates the schema.
-6. View test traffic in Security Events by filtering for **Service** > **API Shield - Schema Validation**.
+6. View test traffic in Security Events by filtering for **Service** > **API Shield - Schema validation**.
 7. Optional:
    - Set a single endpoint to `block`.
-   - Set the Schema Validation zone-wide to `block`.
+   - Set the Schema validation zone-wide to `block`.
    - Temporarily override all schemas zone-wide to `none`.
    - Remove the temporary override.
 </Steps>
 
-Cloudflare recommends you to rerun test traffic and monitor the HTTP response codes after changing any settings to ensure Schema Validation is operating as expected.
+Cloudflare recommends you to rerun test traffic and monitor the HTTP response codes after changing any settings to ensure Schema validation is operating as expected.
 
 Settings changes may take a few minutes to implement.
 
 :::note
 
-Endpoints must be listed in Endpoint Management for Schema Validation to match requests.
+Endpoints must be listed in Endpoint Management for Schema validation to match requests.
 :::
 
 ## Configuration
@@ -81,7 +81,7 @@ Upload a schema via the v4 API using `POST`. This example requires a `example_sc
 }
 ```
 
-By default, Schema Validation is disabled for an uploaded schema so that you can inspect it first. You can upload a schema and enable it immediately by setting the form parameter `validation_enabled=true`.
+By default, Schema validation is disabled for an uploaded schema so that you can inspect it first. You can upload a schema and enable it immediately by setting the form parameter `validation_enabled=true`.
 
 Use a `PATCH` request to activate a schema after inspection.
 
@@ -115,7 +115,7 @@ When a schema is active, it executes the mitigation action specified for each op
 
 ### Add new operations to Endpoint Management
 
-Schemas contain a set of servers, paths, and methods, which together define an operation. Schema Validation only acts on the requests to operations which have been added to the API Shield Endpoint Management. If a schema contains operations which have not been added to Endpoint Management, they can be retrieved together with the configuration information about added operations.
+Schemas contain a set of servers, paths, and methods, which together define an operation. Schema validation only acts on the requests to operations which have been added to the API Shield Endpoint Management. If a schema contains operations which have not been added to Endpoint Management, they can be retrieved together with the configuration information about added operations.
 
 ```bash title="cURL command"
 curl --request GET "https://api.cloudflare.com/client/v4/zones/{zone_id}/api_gateway/user_schemas/{schema_id}/operations?feature=schema_info&operation_status=new&page=1&per_page=5000" \
@@ -425,9 +425,9 @@ curl --request PUT "https://api.cloudflare.com/client/v4/zones/{zone_id}/api_gat
 Parameter schemas are updated between every 24 hours up to one week. To ensure that a parameter schema has not been updated during the inspection, Cloudflare recommends that you pass the `last_updated` timestamp of the parameter-schema feature (not the `last_updated` of the whole operation) as an identifier in the timestamp query parameter.
 :::
 
-### Disable Schema Validation
+### Disable Schema validation
 
-To quickly disable Schema Validation for a whole zone, use `PATCH`. This operation will override all operation-mitigation actions.
+To quickly disable Schema validation for a whole zone, use `PATCH`. This operation will override all operation-mitigation actions.
 
 ```bash title="cURL command"
 curl --request PATCH "https://api.cloudflare.com/client/v4/zones/{zone_id}/api_gateway/settings/schema_validation" \