Vulnerabilities
Vulnerabilities are weaknesses in application APIs that pose a security risk if exploited by threat actors. Identifying API vulnerabilities, prioritizing them, and fixing them at their source is vital to preventing API attacks.
With AppSentinels, the initial vulnerability risk assessment of the APIs is automatic and performed as part of API discovery. Vulnerabilities found in the APIs are categorized by severity and by the technique threat actors are expected to use to exploit them, along with reference links to the details of the vulnerability and the recommended fix at its source.
Each vulnerability carries a status (Open, Analyzed, In Progress, Resolved) that tracks the fix work and a resolution (New, Fixed, False Positive, Inconclusive) that records the outcome; both are set depending on how and when the vulnerability will be fixed. Vulnerability risk assessment is continuous: APIs fixed as part of a vulnerability resolution are flagged again if new vulnerabilities are seen in them.
Summary view is a collection of widgets with Severity, Status, Resolution, and other statistics. Vulnerabilities List view is a listing of the vulnerabilities with their timestamp, event ID, category, sub-category, status, and other operational data.
In the List view, the vulnerabilities are listed with the following data:
Severity
AppSentinels assigns a severity level to each vulnerability based on the magnitude of its impact: Critical, Major, Minor, or Info.
In the Show Aggregation mode, you'll see a count of the number of APIs affected by the vulnerability.
Endpoint
The URL of the API in which the vulnerability was discovered. For example, POST /rest/user/login.
Timestamp
The date and time when the vulnerability was first discovered.
Event ID
The AppSentinels-generated event ID for the event that discovered the vulnerability.
Category
The AppSentinels-assigned category of the vulnerability, reflecting how it was found or how threat actors could exploit it. For example, Passive Scan.
Sub Category
The AppSentinels-assigned subcategory within that category. For example, Misconfigurations.
Summary
A summary of the vulnerability. For example, Cache-Control not set to (no-cache).
Status
The fix status of the vulnerability.

| Status | Meaning |
|---|---|
| Open | The vulnerability is yet to be analyzed. |
| Analyzed | The vulnerability impact has been analyzed. |
| In Progress | The vulnerability is currently being worked on. |
| Resolved | The API is fixed, and the vulnerability no longer exists in the API. |

The status can be changed only when the vulnerabilities list is shown in the Show Aggregation mode. A status change applies to all APIs where the vulnerability is seen, so confirm that every affected endpoint has actually been fixed before setting Resolved.
Resolution
The resolution status of the vulnerability.

| Resolution | Meaning |
|---|---|
| New | All or some of the APIs with this vulnerability are not yet fixed. |
| Fixed | All APIs with this vulnerability are fixed. |
| False Positive | The vulnerability has no negative impact, and no fix is required in the APIs. |
| Inconclusive | The details gathered about the vulnerability and its impact are insufficient to decide whether a fix is needed in the APIs. |

The resolution status can be changed only when the vulnerabilities list is shown in the Show Aggregation mode. A resolution change applies to all APIs where the vulnerability is seen, so marking a finding False Positive suppresses it for every affected endpoint, not just the one under review.
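To make the Summary example concrete, the following added Python illustration (not AppSentinels' scanner, and not code from this page) performs a passive Cache-Control check of the kind that produces a "Cache-Control not set to (no-cache)" finding, emits findings with the fields listed above, and then aggregates them per vulnerability with a count of affected APIs, as the Show Aggregation mode does. The sample responses, the Minor severity, and the field names are assumptions made for the example.

```python
"""Added illustration: passive Cache-Control check plus per-vulnerability
aggregation. Example code, not AppSentinels' scanner; field names,
severity and sample responses are assumptions."""
from collections import defaultdict

# Constructed sample: response headers captured from three endpoints.
SAMPLE_RESPONSES = [
    {"endpoint": "POST /rest/user/login",
     "headers": {"Content-Type": "application/json"}},
    {"endpoint": "GET /rest/user/profile",
     "headers": {"Content-Type": "application/json",
                 "Cache-Control": "public, max-age=3600"}},
    {"endpoint": "GET /rest/products",
     "headers": {"Content-Type": "application/json",
                 "Cache-Control": "no-store, no-cache"}},
]


def cache_control_directives(headers):
    """Return the set of Cache-Control directive names (lower-cased).

    Header names are case-insensitive; directives are comma-separated and
    may carry a value (max-age=3600), so only the name is kept.
    """
    for name, value in headers.items():
        if name.lower() == "cache-control":
            return {d.strip().split("=", 1)[0].lower()
                    for d in value.split(",") if d.strip()}
    return set()


def check_cache_control(response):
    """Return a finding if neither no-cache nor no-store is present, else None."""
    directives = cache_control_directives(response["headers"])
    if "no-cache" in directives or "no-store" in directives:
        return None
    return {
        "severity": "Minor",            # assumed severity for this illustration
        "endpoint": response["endpoint"],
        "category": "Passive Scan",
        "sub_category": "Misconfigurations",
        "summary": "Cache-Control not set to (no-cache)",
    }


def scan(responses):
    """Run the passive check over every captured response."""
    return [f for f in map(check_cache_control, responses) if f is not None]


def aggregate(findings):
    """Group findings by vulnerability summary with the count of affected APIs,
    which is what a status or resolution change applies to in aggregation mode."""
    groups = defaultdict(list)
    for f in findings:
        groups[f["summary"]].append(f["endpoint"])
    return {summary: {"affected_apis": len(eps), "endpoints": sorted(eps)}
            for summary, eps in groups.items()}


if __name__ == "__main__":
    for summary, info in aggregate(scan(SAMPLE_RESPONSES)).items():
        print(f"{summary}: {info['affected_apis']} API(s) affected")
        for ep in info["endpoints"]:
            print(f"  {ep}")
```

The check treats `no-store` as satisfying the finding as well as `no-cache`, since `no-store` is the stronger directive and is what a login or profile response that carries tokens or personal data should normally send; a response with only `public, max-age=3600` is exactly the misconfiguration the finding describes.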