API insights dashboard

The API Insights dashboard provides a centralized view of your API security posture, helping you track discovered APIs, vulnerabilities, and catalog coverage across your organization.

access restrictions

The API Insights dashboard respects user access restrictions, preventing users from viewing results for targets they don't have permission to access. Only users who have access to all targets can view the API insights dashboard.

Dashboard overview

API Insights dashboard page in Invicti Platform.

The overview section displays key metrics at a glance:

Discovered APIs without a target - APIs identified through discovery but not yet configured as scan targets
APIs in catalog - Total number of APIs currently cataloged in Invicti Platform
Operations in API catalog - Total number of API operations (endpoints) tracked across all cataloged APIs
Vulnerable APIs - Number of APIs with at least one open vulnerability
Open vulnerabilities - Total count of unresolved API vulnerabilities

Each metric includes a navigation arrow that takes you to the relevant section (Discovery, Vulnerabilities, or Inventory) for detailed information.

Open API vulnerabilities

The Open API vulnerabilities chart displays the total number of open vulnerabilities found in your APIs over the past 12 months, broken down by severity level - critical, high, medium, low, and informational. Each severity level includes the Mean Time to Remediate (MTTR) metric, showing how long it typically takes to fix vulnerabilities of that severity.

This visualization helps you:

Track whether your API security posture is improving or declining over time
Identify spikes in vulnerabilities that may require immediate attention
Measure the effectiveness of your remediation efforts
Compare remediation times across different severity levels

Most recent discovered APIs

This section displays the most recently discovered APIs identified through automated discovery mechanisms. For each API, the following information is shown:

API name - The specification identifier or API name
Base URL - The root endpoint where the API is hosted
Discovered - The date when Invicti Platform first identified the API

Review newly discovered APIs to expand your security coverage and determine which APIs you should add to your scanning workflows.

Most vulnerable APIs

This list highlights APIs with the highest number of open vulnerabilities. Each entry includes:

Target - The name of the associated scan target
Vulnerability count - Total number of open security issues
Severity indicators - Visual breakdown showing critical, high, medium, low, and informational vulnerabilities

Focus your remediation efforts on these high-risk APIs to reduce your overall security exposure.

Average vulnerabilities per API

This chart shows the average number of vulnerabilities detected per API over the last 12 months, broken down by severity level (critical, high, and medium).

Tracking the average helps you:

Understand whether new APIs are being developed with better security practices
Measure the overall quality of your API security over time
Set benchmarks and goals for reducing vulnerabilities in your API portfolio

Click on the severity labels at the bottom of the chart to filter the view and analyze specific vulnerability types.

Need help?

Invicti Support team is ready to provide you with technical help. Go to Help Center

Was this page useful?

Dashboard overview​

Open API vulnerabilities​

Most recent discovered APIs​

Most vulnerable APIs​

Average vulnerabilities per API​

Need help?​