Merge pull request #2 from f5devcentral/class4-api

Matt  - api sec - first merge

docs/class4/class4.rst

@@ -0,0 +1,28 @@
+Class 4 - API Protection
+########################
+
+Lab Maintainers:
+
+  Matthieu Dierick <[email protected]>
+
+  Sorin Boiangiu <[email protected]>   
+
+|
+
+Welcome to the F5 Distributed Cloud - API Protection lab
+
+Distributed Cloud API Security provides discovery and deep insights from use of AI/ML. Identify shadow APIs and block API attacks in real time and eliminate vulnerabilities at their source. The SaaS-based portal enables users to manage and go deep for threat analytics, forensics, and troubleshooting of API communications for modern applications.
+
+APIs change frequently:
+
+* Easily identify all API endpoints mapped to your applications and monitor anomalous activities or shadow APIs including blocking of suspicious requests and endpoints. 
+* Generate API schema and Swagger files to minimize manual tracking of API endpoints. 
+* Reduce time spent configuring and deploying API security policies.
+
+
+
+.. toctree::
+   :maxdepth: 2
+   :glob:
+
+   module*/module*

docs/class4/module1/lab1/lab1.rst

@@ -0,0 +1,3 @@
+Expose the modern API application on F5XC
+#########################################
+

docs/class4/module1/lab2/lab2.rst

@@ -0,0 +1,21 @@
+Protect the modern API application with F5XC - static protection
+================================================================
+
+Assign OpenAPI spec file to the LB
+----------------------------------
+
+Upload file
+^^^^^^^^^^^
+
+Create API Def
+^^^^^^^^^^^^^^
+
+Assign API def to LB
+^^^^^^^^^^^^^^^^^^^^
+
+Apply API Protection rules
+--------------------------
+
+Create the default API Protection rule
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+

docs/class4/module1/lab3/lab3.rst

@@ -0,0 +1,3 @@
+Test your modern API application protection
+===========================================
+

docs/class4/module1/module1.rst

@@ -0,0 +1,14 @@
+Static API Protection
+#####################
+
+In this section, we will protect a modern API application with F5 Distributed Cloud. We will start by a **static** protection where SecOps apply the OpenAPI file to the protected application.
+
+
+
+**Module 1 - All sections**
+
+.. toctree::
+   :maxdepth: 1
+   :glob:
+
+   lab*/lab*

docs/class4/module2/lab1/lab1.rst

@@ -0,0 +1,10 @@
+Enable API discovery
+====================
+
+Enable Endpoint Discovery
+-------------------------
+
+
+Enable PII Discovery
+--------------------
+

docs/class4/module2/lab2/lab2.rst

@@ -0,0 +1,18 @@
+API Discovery outcomes
+======================
+
+Endpoint Discovery
+------------------
+
+
+PII Discovery
+-------------
+
+
+
+Authentication Discovery
+------------------------
+
+
+AI/ML Security Posture
+----------------------

docs/class4/module2/module2.rst

@@ -0,0 +1,13 @@
+Dynamic API Protection
+######################
+
+In this section, we will protect the same modern application with F5 Distributed Cloud, but we will enable the **dynamic** protection where SecOps apply the API Discovery and validation.
+
+
+**Module 2 - All sections**
+
+.. toctree::
+   :maxdepth: 1
+   :glob:
+
+   lab*/lab*