API shield default rules

New here. API shield is going to be enabled in our dashboard that we have for websites. I read documentation related but it is not clear if this service has default rules specific for APIs that can be used, especially specific ones based on the OWASP top ten for APIs. Any feedback would be appreciated. Thank you!!