Documentation - V-274557

V-274557

Application Programming Interface (API) Security Requirements Guide

CAT II

Title

The API must limit the exposure of endpoints.

Description

<VulnDiscussion>Exposing too many API endpoints, which are specific URLs or paths that allow clients to interact with various functions or data within the system, increases the attack surface. This exposure makes the API more vulnerable to unauthorized access, data breaches, and distributed denial-of-service (DDoS) attacks. By restricting access to only necessary endpoints, the API ensures that only authenticated and authorized users can reach sensitive data or critical operations. Limiting the ...

Fix Text (Documentation Requirement)

Build or configure the API to limit the endpoint against improper exposure.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel