The implementations described herein provide a tool for identifying security issues and applying security policies to the service(s) and/or microservices. Rather than a user (such as an administrator) reactively diagnosing security incidents, the systems and methods described herein may provide a tool by which the user can proactively monitor the use of the services and microservices for security issues and control the user of such microservices and services via policies. The systems and methods allow API granular policy control to determine which APIs may be granted or denies access based on a variety of criteria, such as but not limited to the source of the request, the specific API being called, temporal conditions, geography and so forth. The user can identify security concerns or issues on a per API basis.