diff --git a/src/content/docs/api-shield/security/api-discovery.mdx b/src/content/docs/api-shield/security/api-discovery.mdx index c3ff29bc11353bc..3e8adb8dad13720 100644 --- a/src/content/docs/api-shield/security/api-discovery.mdx +++ b/src/content/docs/api-shield/security/api-discovery.mdx @@ -105,4 +105,4 @@ Endpoints discovered using session identifiers will be labeled as such in the Cl ## Availability -API Discovery is only available for Enterprise customers. If you are an Enterprise customer and interested in this product, contact your account team. +API Discovery is only available for Enterprise customers. If you are an Enterprise customer interested in this product, contact your account team. diff --git a/src/content/docs/api-shield/security/authentication-posture.mdx b/src/content/docs/api-shield/security/authentication-posture.mdx index 45f442dc97da84f..36435927cef88b2 100644 --- a/src/content/docs/api-shield/security/authentication-posture.mdx +++ b/src/content/docs/api-shield/security/authentication-posture.mdx @@ -62,4 +62,4 @@ Authentication Posture can only apply when customers accurately set up session i ## Availability -Authentication Posture is available for all Enterprise subscriptions with API Shield. \ No newline at end of file +Authentication Posture is available for all Enterprise customers with an API Shield subscription. \ No newline at end of file diff --git a/src/content/docs/api-shield/security/bola-vulnerability-detection.mdx b/src/content/docs/api-shield/security/bola-vulnerability-detection.mdx index a60a194ca156944..84f5e4dcdad326f 100644 --- a/src/content/docs/api-shield/security/bola-vulnerability-detection.mdx +++ b/src/content/docs/api-shield/security/bola-vulnerability-detection.mdx @@ -3,8 +3,6 @@ pcx_content_type: concept title: Broken Object Level Authorization vulnerability detection sidebar: - badge: - text: Beta order: 10 label: BOLA vulnerability detection --- @@ -63,7 +61,7 @@ API Shield searches for and highlights BOLA attacks on your APIs. Cloudflare lea If you see one of these labels on your API endpoints, check its authorization policy with your developer team to find any authorization bugs. Additionally, you can reach out to Cloudflare for a customized report about the behavior, including attacker identifiers that you can use to confirm attack reach and impact. -BOLA attack information can be found in your [Security Overview](#security-overview) and [Endpoint details](#endpoint-details). Closed beta customers can find BOLA attack information in [Security Analytics](#security-analytics) as well. +BOLA attack information can be found in your [Security Overview](#security-overview), [Security Analytics](#security-analytics), and [Endpoint details](#endpoint-details). ### Security Overview @@ -98,10 +96,6 @@ Review the top statistics and details of managed API endpoints, paths and values Cloudflare recommends that you observe your traffic profile for any anomalies in its normal behavior. -:::note[Availability] -BOLA attacks in Security Analytics is currently available in closed beta. -::: - ### Endpoint details You can expand the endpoint details in Web Assets to access information on suspicious sessions' activity on the endpoint, including both enumeration attack and parameter pollution attack details. @@ -120,7 +114,7 @@ The details specify the parameter that was affected, the number of sessions invo If unauthorized access to the parameter was obtained, consider the potential impact to your application, users, and data. As a best practice, consult with your application and API developers to confirm unauthorized access by reviewing your API origin logs for the IP address and JA4 fingerprint of the abusive sessions. -Closed beta customers can view attack data in [Security Analytics](#security-analytics). +You can view attack data in [Security Analytics](#security-analytics). @@ -130,4 +124,4 @@ The managed endpoint will be automatically filtered in the request activity from ## Availability -Details of BOLA attacks visible in Security Analytics are only available for customers in the closed beta. \ No newline at end of file +Broken Object Level Authorization vulnerability detection is only available for Enterprise customers. If you are an Enterprise customer interested in this product, contact your account team. \ No newline at end of file diff --git a/src/content/docs/api-shield/security/volumetric-abuse-detection.mdx b/src/content/docs/api-shield/security/volumetric-abuse-detection.mdx index 18b614183d3ca17..bd87b6c8ce6b726 100644 --- a/src/content/docs/api-shield/security/volumetric-abuse-detection.mdx +++ b/src/content/docs/api-shield/security/volumetric-abuse-detection.mdx @@ -85,4 +85,4 @@ API Shield will always calculate recommendations when session identifiers are co ## Availability -Volumetric Abuse Detection is only available for Enterprise customers. If you are an Enterprise customer and interested in this product, contact your account team. +Volumetric Abuse Detection is only available for Enterprise customers. If you are an Enterprise customer interested in this product, contact your account team.