Threat Protection

anonymous · April 27, 2016, 5:23am

My usecase is to check for the data validity from hacking perspective. i.e.

1.XSS

2.CSRF

3.SQL Injection

Can anyone please share the sample doc or reference link for each of the threat protection techniques mentioned above?

anonymous · April 27, 2016, 8:22am

@maivizhi

You refer below links, might be helpful.

mschreuder · April 27, 2016, 6:27pm

Hi @maivizhi you may also want to check out:

This Article: API Vulnerabilites and their mitigation in Apigee Edge.
This Slideshare: Deep-Dive: Secure API Management

If our responses have helped answer your question, please click the “Accept” link or alternatively let us know how we can further answer your question.

gnanasekaran · April 27, 2016, 9:39pm

check this out - https://community.apigee.com/content/kbentry/19487/api-vulnerabilites-and-their-mitigation-in-apigee.html

anonymous · September 1, 2016, 5:55pm

These are great articles, and I have those surface areas covered. What my concern now is, my API gateway will be proxying API’s in Docker and Cloud Foundry. Are there any documented:

Docker Engine Injection Attacks?

Cloud Foundry (Diego/Bosch) Engine attacks?

Topic		Replies	Views
Preventing cross-site scripting, SQL injection for API security Apigee api-runtime	3	3	October 21, 2017
Cross Site Scripting(XSS) and SQL Injection Policy Setup Apigee apigee-general	6	12	July 24, 2018
Regular expression threat protection design Apigee apigee-general	3	2	May 10, 2016

Threat Protection

AI Suggested topics