The Cequence Unified API Protection (UAP) platform classifies threats automatically based on the type of URIs or APIs that are accessed by the malicious actors. This page describes the types of threat classifications that the Cequence UAP platform detects and how users should interpret them.
Cequence uses machine learning to classify the type of endpoint resource based on the URI, host, and method. The threat classification is derived from the endpoint clasification result of the machine learning model.
The table below describes the various forms of threats that are detected by the product, which API endpoint types they trigger for, and the types of malicious activity that are encompassed in that threat classification.
| Threat Classification | Endpoint Classification | Types of malicious traffic and API endpoints covered |
| Account Take Over (ATO) | Authentication | Endpoints requiring users to login or reset their accounts by entering credentials |
| Fake Account Creation | Account Creation | Endpoints requiring users to create new accounts by filling out forms online |
| OTP Flood | One-Time Password | Endpoints that generate OTP codes to the user for two-factor authentication |
| Token Farming | Token Validation | Endpoints that require users to access resources using API keys/tokens |
| Unauthorized Account Information Access | Account Information Retrieval | Endpoints requiring users to retrieve their accounts by entering account verification credentials |
| Account Management Abuse | Customer Profile Management | Endpoints that alter customer profile information, such as address or name |
| Unauthorized Billing Access | Billing | Endpoints that directly affect payment transactions |
| Product Search Abuse | Product Search | Endpoints that produce lists of products |
| Inventory Abuse | Inventory Management | Endpoints that alter product quantity or reserve items |
| Inventory Scalping - Shopping Cart Abuse | Cart | Endpoints that load inventory items into a cart or establish an availability queue |
| Loyalty Rewards Abuse | Loyalty Program Integration | Endpoints that establish rewards and levels in a loyalty rewards program |
| Inventory Scalping - Product Checkout Abuse | Checkout | Endpoints that mark inventory as sold |
| Payment Fraud - Customer Facing | Payment (B2C) | Endpoints that manage payment transactions between a business and a customer |
| Payment Fraud - Business Facing | Payment (B2B) | Endpoints that manage payment transactions between two businesses |
| Unauthorized Order Details Tracking | Order Tracking | Endpoints that report package tracking details |
| Reputation Abuse | Review | Endpoints that post scores or reviews |
| Credit Verification Fraud | Loan Application | Endpoints that confirm creditworthiness and the amount of credit to extend |
| Credit Origination Fraud | Credit Score | Endpoints that establish creditworthiness and generate credit reports |
| Device Activation Fraud | New Phone Activation | Endpoints used to add a device to a service provisioning network |
| Line Activation Fraud | New Phone Line Activation | Endpoints used to establish telephone service for a device |
| Device Port-In Eligibility Abuse | Phone Port-In | Endpoints that establish a device's eligibility to be moved, or ported, to another network provider |
| Service Update Fraud | Service Plan Update | Endpoints that establish a service plan for a device |
| Unauthorized Usage Metrics Access | Usage Tracking | Endpoints that report usage metrics for a device |
| CPNI Enumeration | Call Detail Record | Endpoints that handle Customer Proprietary Network Information, which can include call activity, billing, and geolocation |
| Impersonation Fraud | Customer Interaction | Endpoints that verify the identity of a customer |
| Unclassified | Unclassified | Endpoints that don't match any of the existing classifications |