As part of the audit processes of the API Gateway logs, we have noticed that there has been calls made from IPs not recognized as valid clients to the set of APIs we have enabled.
We consider those calls attacks looking to harvest on potential non secured services of flaws of the Gateway.
Since those calls generates some traffic and potentially consume resources I would like to have the alternative to blacklist the IPs originating those calls from the beginning with the least resources consumption required.
Can you suggest the best approach to it, I would like to have some IP blacklisting capability.