Introduction
Welcome to Cequence Unified API Protection (UAP) 8.0, our biggest release yet. This guide accompanies the recorded walkthrough video and provides an overview of the most important updates in 8.0.
Our goal is simple: to help you quickly understand what’s new, navigate the redesigned interface, and leverage powerful new tools for API discovery, risk posture management, and threat protection.
This article highlights major section updates on the platform and provides quick-reference bullet points to dive deeper where needed.
Section Guide & Highlights
1. The New Interface
Streamlined Navigation: Three main sections — Discover, Posture Management, and Threat Protection — make it easier to find what you need.
Personalized Experience: Light/dark mode toggle and universal search for quick access to APIs, endpoints, or hosts.
2. Discovery – Bringing API Visibility Together
The Discovery section now combines and improves capabilities from API Spyder, Sentinel, and Spartan into a single powerful interface.
Key pages in Discovery:
Live Activity
Sitemap-style API view.
Nested endpoints under domains with transaction counts.
Filterable search to quickly drill into the data you need.
Host View
New in 8.0: Centralized list of externally discovered hosts associated with your registered domains.
View key metadata: domain association, IP address, and discovery source.
Use this page to identify unmanaged or unknown APIs in your attack surface.
Endpoints
Deep endpoint-level view, powered by Defender or Sensor runtime data.
Organize APIs by domain, authentication type, owner, or severity.
Enhanced tagging ensures a clean and actionable API inventory.
Flow Graph
Visual map of API relationships, dependencies, and transaction pathways.
Includes Kubernetes pod-level visibility for containerized environments.
3. Risk Posture Management & Incident Tracking
Your central command for improving API security posture.
Highlights:
Continuous analysis of API traffic based on OWASP API Security Top 10 and industry standards.
Evidence Files: View detailed evidence for each flagged risk (sensitive data automatically masked).
New Incident Statuses: Track issues across their lifecycle with seven statuses:
Open
Action Required
In Progress
Fixed – Needs Verification
Resolved
Risk Accepted
False Positive
One-year retention for historical tracking — audit-ready and ideal for compliance.
Direct ServiceNow integration to escalate incidents with all supporting evidence attached.
4. Threat Protection – Smarter Detection & Defense
Stay ahead of attackers with behavioral analytics and enhanced threat categorization.
What’s New:
TEBA (Threat & Entity Behavioral Analytics): Detects stealthy attacks like enumeration, credential rotation, and replay attempts.
20+ New Bot Threat Categories: Covering account takeovers, SIM swaps, payment fraud, inventory scalping, and more.
Machine-Learning-Powered Detection: Automatic classification of attacks without complex rule-building.
5. Machine Learning Models – Automation at Work
Automate key security and configuration tasks with two new ML-powered features:
Attack Feature Detection (AFD):
Detect suspicious traffic spikes.
Generate actionable mitigation rules with key metrics (Recall, Precision, False Positive Rate).
One-click activation of new policies in Mitigation.
Baselining Model:
Automatically configures data extraction rules, authentication expressions, and detection pivots.
Learns your API behavior within about a week and adjusts thresholds per host for optimal detection.
Why This Matters
UAP 8.0 is designed to simplify your workflows while giving you deeper, real-time insights into your APIs. Whether you’re identifying unmanaged APIs, tracking risk posture, or mitigating attacks, these updates bring more automation, better visibility, and faster time-to-value.