CUI

STIG Rule - V-274835

V-274835

SV-274835r1143875_rule

CAT II

API must use a circuit breaker pattern to handle failures and timeouts.

From: Application Programming Interface (API) Security Requirements Guide (V1R1)

Description

A circuit breaker pattern is essential in APIs to prevent cascading failures and improve system resilience. It monitors API calls and temporarily blocks requests when failures reach a threshold, allowing the system to recover before retrying.

Documentable: false

Check Procedure

Verify the API uses a circuit breaker pattern to handle failures and timeouts. Review the API documentation or the system's architecture documentation. The pattern might be explicitly mentioned as part of the API's design to handle failures and timeouts. If a circuit breaker pattern is not being used, this is a finding.

Fix Text

Configure the API to use a circuit breaker pattern to handle failures and timeouts.
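
The following is an added example, not part of the STIG or of any specific product: a minimal circuit breaker of the kind the Description outlines, which counts failures (timeouts included), blocks requests once a threshold is reached, and allows a trial request after a recovery period. The class names, the threshold of 3 and the 30-second recovery period are assumptions chosen for illustration.

```python
import time


class CircuitOpenError(Exception):
    """Raised when the breaker rejects a call without contacting the backend."""


class CircuitBreaker:
    """Hypothetical wrapper for outbound API calls (not thread-safe).

    closed    -> open      after `failure_threshold` consecutive failures
    open      -> half-open after `recovery_timeout` seconds
    half-open -> closed on a successful trial call, back to open on a failed one
    """

    def __init__(self, failure_threshold=3, recovery_timeout=30.0, clock=time.monotonic):
        self.failure_threshold = failure_threshold  # assumed value, tune per service
        self.recovery_timeout = recovery_timeout    # assumed value, in seconds
        self.clock = clock          # injectable so the behaviour can be tested
        self.failures = 0
        self.opened_at = None       # None means the circuit is closed

    @property
    def state(self):
        if self.opened_at is None:
            return "closed"
        if self.clock() - self.opened_at >= self.recovery_timeout:
            return "half-open"
        return "open"

    def call(self, func, *args, **kwargs):
        state = self.state
        if state == "open":
            # Fail fast: do not add load to a backend that is already failing.
            raise CircuitOpenError("circuit open; request blocked")
        try:
            result = func(*args, **kwargs)
        except Exception:
            # Timeouts (TimeoutError) and other errors both count as failures.
            self.failures += 1
            if state == "half-open" or self.failures >= self.failure_threshold:
                self.opened_at = self.clock()   # trip, or re-open after a failed trial
            raise
        self.failures = 0
        self.opened_at = None       # a success closes the circuit
        return result
```

For the check procedure, state transitions such as these (trip, fail-fast rejection, trial call) are what the API or architecture documentation should describe, and logging each transition gives reviewers evidence that the breaker is active.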

CCI Reference

CCI-004992
Created
2026-04-07 20:08:09
Last Updated
2026-04-07 20:08:09