Merge pull request #16 from f5devcentral/class4-api

octopus
f5devcentral · Nov 8, 2023 · da6a928 · da6a928
2 parents 0198253 + 70bfdb7
commit da6a928
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 10 deletions.
diff --git a/docs/class4/module2/lab2/lab2.rst b/docs/class4/module2/lab2/lab2.rst
@@ -22,20 +22,21 @@ Enable Endpoint Discovery
 Enable PII Discovery
 --------------------
 
-OWASP Top10 API requires to detect and discover sensitive datas in Request and Response. To do so, F5 Distributed Cloud has a list of known PII (PPersonal Identifiable Information), such as:
+OWASP Top10 API requires to detect and discover sensitive datas in Request and Response. To do so, F5 Distributed Cloud has a list of known PII (Personal Identifiable Information), such as:
 
-   * email
-   * credit card number
-   * US Social Security Number
-   * IP address
+* email
+* credit card number
+* US Social Security Number
+* IP address
 
 But you want to detect your own PII, such as:
 
-   * French Social Security Number
-   * French Mobile Phone Number
-   * Etc ...
+* French Social Security Number
+* French Mobile Phone Number
+* Etc ...
 
-Let's create those custom PII.
+Create custom PII
+^^^^^^^^^^^^^^^^^
 
 * In Sensitive Data Protection, click on ``configure``
 * Add 2 new ``Defined Custom Sensitive Data Types``, enable detection for ``All Endpoint, Request and Response, Value Pattern``
@@ -45,7 +46,7 @@ Let's create those custom PII.
 
 .. image:: ../pictures/pii.png
    :align: left
-   :scale: 40%
+   :scale: 50%
 
 * SAVE your Load Balancer
 
diff --git a/docs/class4/module2/lab3/lab3.rst b/docs/class4/module2/lab3/lab3.rst
@@ -1,11 +1,24 @@
 API Discovery outcomes
 ======================
 
+At the first stage, API Discovery process requires several hours to collect datas and make them visible. Don't be surprised if you must wait 2 hours to see the first datas.
 
+But in this lab, the instructor have ``super powers`` and can force the discovery.
 
 Endpoint Discovery
 ------------------
 
+* Switch to ``Dashboard`` > ``Security Dashboard``
+* Click on your Application Load Balancer
+* Go to the ``API Endpoints`` tab
+
+You can see the ``Graph`` page with the Octopus :) It represents what is know and what is seen.
+
+.. image:: ../pictures/octopus.png
+   :align: left
+   :scale: 50%
+
+
 
 PII Discovery
 -------------

diff --git a/docs/class4/module2/pictures/octopus.png b/docs/class4/module2/pictures/octopus.png