V-274534
Application Programming Interface (API) Security Requirements Guide
Title
The API must audit request and response details (such as method, URL, headers, body, status, etc.).
Description
By logging request and response data, the API can track the flow of information between clients and the system, providing a detailed audit trail that helps detect and analyze potential security incidents, such as unauthorized access attempts, data manipulation, or injection attacks.
Documentable: false
Fix Text (Documentation Requirement)
Build or configure the API to log the necessary request and response details such as method, URL, headers, body, status, etc.
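
One way to meet this requirement for a Python API, shown as an added example that is not part of the SRG text: a WSGI middleware that writes one JSON audit record per call with the method, URL, headers, body and status. The WSGI setting, the `api.audit` logger name, the `REDACT` header list and the `MAX_BODY` cap are assumptions; masking credential-bearing headers is added here so that the audit log does not itself become a store of secrets.

```python
import io
import json
import logging
import time

audit_log = logging.getLogger("api.audit")
# Assumption: header names treated as secrets; extend for your API.
REDACT = {"authorization", "cookie", "set-cookie", "x-api-key"}
MAX_BODY = 2048  # assumption: cap on logged body bytes

def _mask(pairs):
    return {k: "[REDACTED]" if k.lower() in REDACT else v for k, v in pairs}

def _request_headers(environ):
    # WSGI exposes headers as HTTP_* keys plus CONTENT_TYPE / CONTENT_LENGTH.
    pairs = [(k[5:], v) for k, v in environ.items() if k.startswith("HTTP_")]
    pairs += [(k, environ[k]) for k in ("CONTENT_TYPE", "CONTENT_LENGTH") if environ.get(k)]
    return _mask((k.replace("_", "-").title(), v) for k, v in pairs)

class AuditMiddleware:
    """Emit one JSON audit record per request/response pair."""
    def __init__(self, app, sink=audit_log.info):
        self.app, self.sink = app, sink

    def __call__(self, environ, start_response):
        length = int(environ.get("CONTENT_LENGTH") or 0)
        body = environ["wsgi.input"].read(length) if length else b""
        environ["wsgi.input"] = io.BytesIO(body)  # the app can still read the body
        query = environ.get("QUERY_STRING", "")
        rec = {"ts": time.time(), "method": environ["REQUEST_METHOD"],
               "url": environ.get("PATH_INFO", "") + ("?" + query if query else ""),
               "request_headers": _request_headers(environ),
               "request_body": body[:MAX_BODY].decode("utf-8", "replace")}

        def capture(status, headers, exc_info=None):
            rec["status"] = int(status.split()[0])
            rec["response_headers"] = _mask(headers)
            return start_response(status, headers, exc_info)
        chunks = list(self.app(environ, capture))  # buffers the response; fine for small API payloads
        rec["response_body"] = b"".join(chunks)[:MAX_BODY].decode("utf-8", "replace")
        self.sink(json.dumps(rec))
        return chunks

if __name__ == "__main__":  # constructed request against a constructed app
    def demo_app(environ, start_response):
        start_response("200 OK", [("Content-Type", "text/plain")])
        return [b"pong"]
    env = {"REQUEST_METHOD": "GET", "PATH_INFO": "/ping", "HTTP_AUTHORIZATION": "Bearer t0ken", "wsgi.input": io.BytesIO(b"")}
    AuditMiddleware(demo_app, sink=print)(env, lambda s, h, e=None: None)
```

Request and response bodies can carry credentials or personal data as well, so field-level masking of bodies may be needed before the records are shipped to a log store.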