• Home
  • CodeSent for Apigee
    • Features
    • Rules
    • API
  • Demo
  • Pricing
  • Blog
  • Contacts
  • Sign in
  • Get a demo
    • Home
    • CodeSent for Apigee
      • Features
      • Rules
      • API
    • Demo
    • Pricing
    • Blog
    • Contacts
  • Sign in
  • Get a demo
  2. Rules
  • Group by:
  • None
    None Severity
  • Filter by:
  • Severity
    Info Low Medium High Critical
  • Tags
    Authentication & Authorisation Code Quality Data Validation Data at Rest Data in Transit DoS Protection Error Handling Secure Configuration
  • Scopes(4/22)
    ServiceCallout MessageLogging Step RouteRule Flow Target AccessControl AssignMessage BasicAuthentication Condition FlowCallout HMAC JavaScript JSONThreatProtection OAuthV2 PreFlow Proxy Quota Response SpikeArrest VerifyAPIKey XMLThreatProtection
Flow AccessControl BasicAuthentication HMAC
Name Severity Scopes Tags Links
Bypassing AccessControl policy via True-Client-IP header Critical AccessControl Data Validation CWE-290
Flow accepts confidential data as URL parameters High Flow PreFlow Data in Transit CWE-598
JSONThreatProtection policy is not applied to a request body with JSON type High Flow Data Validation CWE-502 CWE-20
Use of weak hash algorithms High AssignMessage HMAC JavaScript Secure Configuration CWE-327
AccessControl allows all IPs Medium AccessControl Data Validation CWE-290
Condition has undefined variables Medium Step RouteRule Flow Code Quality CWE-570 CWE-571
Flow accepts requests with any method Medium Flow Data Validation CWE-749
Flow doesn't limit HTTP methods correctly Medium Flow Data Validation CWE-749
Overcomplicated or malformed condition Low Step RouteRule Flow Code Quality CWE-570 CWE-571

Sentinel Strength for Secure API Gateway Code

  • ​Home
  • Features
  • Demo
  • Rules
  • Blog
  • Apigee Best Security Practices
  • Contact us

  • ​+381 637 736 053 ​
  • ​info@codesent.io
Socials
​
Copyright © CodeSent
Apigee is a registered trademark of Google LLC

We use cookies to provide you a better user experience on this website. Cookie Policy

Only essentials I agree