Client application

Client application ()



2. API inbound security pattern [Control Realization]
[WIP] 2. API inbound security pattern [Control Realization] - improvement proposal
1. API inbound security pattern [Threat Model]



	Client application	API endpoint
	Client application	BB-21: Distributed denial of service protection service
HTTPS (External token)	Client application	WAF
	NORA-1: External	Client application