Documentation - V-274710

V-274710

Application Programming Interface (API) Security Requirements Guide

CAT I

Title

The API must use TLS version 1.2 at a minimum.

Description

<VulnDiscussion>Without protection of the transmitted information, confidentiality and integrity may be compromised since unprotected communications can be intercepted and either read or altered. This requirement applies only to those applications that are either distributed or can allow access to data nonlocally. Use of this requirement will be limited to situations where the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the...

Fix Text (Documentation Requirement)

Build or configure all of the API systems to require TLS (version 1.2 or higher) for all communication encryption in accordance with data protection requirements.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel