OWASP Underprotected APIs
September 10th, 2022
Underprotected APIs
pattern: bulkheading to limit the size of hacks
pattern: communicate with the most secure protocol possible
public-facing API: TLS
pattern: configure to reject protocol downgrades
pattern: keep root Certificate Authority (CA) files up to date
business-to-business: bi-directional certificates
pattern: verify with generative testing library that your parser (JSON / XML / ...) is hardened against malicious input
pattern: fuzz-test APIs & check that failure responses reject safely
(src: