API Shield - New API Posture Management for API Shield
1y ago
Source
CloudflareAPI Shield - New API Posture Management for API Shieldcloudflare.comNow, API Shield automatically labels your API inventory with API-specific risks so that you can track and manage risks to your APIs. View these risks in Endpoint Management by label: ...or in Security Center Insights : API Shield will scan for risks on your API inventory daily. Here are the new risks we're scanning for and automatically labelling: cf-risk-sensitive : applied if the customer is subscribed to the sensitive data detection ruleset and the WAF detects sensitive data returned on an endpoint in the last seven days. cf-risk-missing-auth : applied if the customer has configured a session ID and no successful requests to the endpoint contain the session ID. cf-risk-mixed-auth : applied if the customer has configured a session ID and some successful requests to the endpoint contain the session ID while some lack the session ID. cf-risk-missing-schema : added when a learned schema is available for an endpoint that has no active schema. cf-risk-error-anomaly : added when an endpoint experiences a recent increase in response errors over the last 24 hours. cf-risk-latency-anomaly : added when an endpoint experiences a recent increase in response latency over the last 24 hours. cf-risk-size-anomaly : added when an endpoint experiences a spike in response body size over the last 24 hours. In addition, API Shield has two new 'beta' scans for Broken Object Level Authorization (BOLA) attacks . If you're in the beta, you will see the following two labels when API Shield suspects an endpoint is suffering from a BOLA vulnerability: cf-risk-bola-enumeration : added when an endpoint experiences successful responses with drastic differences in the number of unique elements requested by different user sessions. cf-risk-bola-pollution : added when an endpoint experiences successful responses where parameters are found in multiple places in the request. We are currently accepting more customers into our beta. Contact your account team if you are interested in BOLA attack detection for your API. Refer to the blog post for more information about Cloudflare's expanded posture management capabilities.
You might also wanna read
Cloudflare Introduces Unified CLI Tool for Accessing All Platform APIs
Cloudflare is introducing a new unified CLI tool called 'cf' designed to provide consistent access to their entire API ecosystem, which incl
Microsoft Launches Serverless Protection in Defender for Cloud CSPM for Azure Functions and AWS Lambda
Microsoft has announced the general availability of serverless protection within Defender for Cloud, extending its Cloud Security Posture Ma
undercodetesting.com·1mo agoCF-Shield – An open source tool to protect any website with Cloudflare
github.com·1y ago
Microsoft aligns CNAPP strategy with context-aware cloud risk reduction
The article discusses the evolution of Cloud-Native Application Protection Platforms (CNAPP) from basic visibility tools to context-aware ri
microsoft.com·9d ago
Critical IDOR Vulnerability in CoreEvent GraphQL API Exposes Order and Event Data
A critical broken access control vulnerability (IDOR/BOLA) was discovered in the CoreEvent GraphQL API. The getOrder and getEvent queries tr

Comments
Sign in to join the conversation.
No comments yet. Be the first.