• Home
  • CodeSent for Apigee
    • Features
    • Rules
    • API
  • Demo
  • Pricing
  • Blog
  • Courses
  • Contacts
  • Sign in
  • Get a demo
    • Home
    • CodeSent for Apigee
      • Features
      • Rules
      • API
    • Demo
    • Pricing
    • Blog
    • Courses
    • Contacts
  • Sign in
  • Get a demo
  2. Rules
  • Group by:
  • None
    None Severity
  • Filter by:
  • Severity(1/5)
    Info Low Medium High Critical
  • Tags
    Authentication & Authorisation Code Quality Data Validation Data at Rest Data in Transit DoS Protection Error Handling Secure Configuration
  • Scopes(4/22)
    ServiceCallout MessageLogging Step RouteRule Flow Target AccessControl AssignMessage BasicAuthentication Condition FlowCallout HMAC JavaScript JSONThreatProtection OAuthV2 PreFlow Proxy Quota Response SpikeArrest VerifyAPIKey XMLThreatProtection
High Step BasicAuthentication HMAC JavaScript
Name Severity Scopes Tags Links
Cache is accessed without prior authentication High Step Authentication & Authorisation CWE-306
Confidential data is used as a cache key High Step Data at Rest CWE-256 CWE-312
Insecure Quota configuration High Step Code Quality Data Validation CWE-770
Open Redirect High Step Data Validation CWE-601 CWE-20
Policy sets confidential data in URL parameters High Step Data in Transit CWE-598
Request content is tainted by user input High Step Data Validation CWE-20 CWE-116
Target URL is tainted by user input High Step Data Validation CWE-22 CWE-233 CWE-918 CWE-20
Unsafe regular expression High Step Data Validation CWE-1333
Unsafe variable is used to define host High Step Data Validation CWE-20
Use of weak hash algorithms High AssignMessage HMAC JavaScript Secure Configuration CWE-327
User-controlled data in ServiceCallout High Step Data Validation CWE-233 CWE-20

Sentinel Strength for Secure API Gateway Code

  • ​Home
  • Features
  • Demo
  • Rules
  • Blog
  • Apigee Best Security Practices
  • Contact us

  • ​+381 637 736 053 ​
  • ​info@codesent.io
Socials
​
Copyright © CodeSent
Apigee is a registered trademark of Google LLC

We use cookies to provide you a better user experience on this website. Cookie Policy

Only essentials I agree