• Home
  • CodeSent for Apigee
    • Features
    • Rules
    • API
  • Demo
  • Pricing
  • Blog
  • Contacts
  • Sign in
  • Take a Demo
    • Home
    • CodeSent for Apigee
      • Features
      • Rules
      • API
    • Demo
    • Pricing
    • Blog
    • Contacts
  • Sign in
  • Take a Demo
  2. Rules
  • Group by:
  • None
    None Severity
  • Filter by:
  • Severity(1/5)
    Info Low Medium High Critical
  • Tags
    Authentication & Authorisation Code Quality Data Validation Data at Rest Data in Transit DoS Protection Error Handling Secure Configuration
  • Scopes
    ServiceCallout MessageLogging Step RouteRule Flow Target AccessControl AssignMessage BasicAuthentication Condition FlowCallout HMAC JavaScript JSONThreatProtection OAuthV2 PreFlow Proxy Quota Response SpikeArrest VerifyAPIKey XMLThreatProtection
Critical
Name Severity Scopes Tags Links
Sensitive information is in the source code Critical Step Data at Rest CWE-256 CWE-312
Request content is stringified Critical Step Data Validation DoS Protection CWE-20
Lack of certificate validation Critical ServiceCallout MessageLogging Target Data in Transit CWE-295
JWT/JWS is decoded but not verified in the same flow phase Critical Step Authentication & Authorisation CWE-347
Connection to the system is not encrypted Critical ServiceCallout MessageLogging Target Data in Transit CWE-319
Bypassing AccessControl policy via True-Client-IP header Critical AccessControl Data Validation CWE-290

Sentinel Strength for Secure API Gateway Code

  • ​Home
  • Features
  • Demo
  • Rules
  • Blog
  • Apigee Best Security Practices
  • Contact us

  • ​+381 637 736 053 ​
  • ​info@codesent.io
Follow Us
Click here to setup your social networks
Copyright © CodeSent
Apigee is a registered trademark of Google LLC

We use cookies to provide you a better user experience on this website. Cookie Policy

Only essentials I agree