Prepared for: Name of the company
Prepared by: Imperva API Security Team
Uploaded file name: File Name
Creation Time: Jan 22, 2022, 14:56
View Report
What did we find inside the uploaded zip file?
APISpec Files
1
APIs
5
Impacted APIs
1
Destination Hosts
1
Attack Categories
25
Total Attack Vectors Generated
2,754
Issues distribution by severity
Critical
40
Major
10
Minor
7
Failed Tests by Severity
1
Issues distribution by severity
Critical
1
Major
0
Minor
0
Most frequently occuring violation
sql-injection - across 1 API
1 failed test
20%
Total Tests
100
Failed Tests
50
5
Critical
19
Major
6
Minor
Want to know more about the severities? check our FAQ
OWASP API Top 10
# | Policy Violations |
---|---|
A1 |
1.3K |
A2 |
1.3K |
A3 |
1.3K |
A4 |
1.3K |
A5 |
1.3K |
A6 |
1.3K |
A7 |
1.3K |
A8 |
1.3K |
A9 |
1.3K |
A10 |
1.3K |
What are the issue categories?
API Security Test Summary
File Name | APIs | APIs Impacted |
---|---|---|
ob | 5 | 1 |
ob | 5 | 1 |
What are the issue categories?
API Severity Per Attack Category
Attack Category | OWASP API Top 10 | APIs Impacted | Severity | Highest Severity |
---|---|---|---|---|
Data Type Definition | A1 | 1 |
|
32 Critical |
Data Type Definition | A8 | 1 |
|
1 Critical |
Data Type Definition | 1 |
|
1 Critical |
|
Data Type Definition | 1 |
|
1 Critical |
|
Data Type Definition | 1 |
|
1 Critical |
|
Data Type Definition | 1 |
|
1 Critical |
|
Data Type Definition | 1 |
|
1 Critical |
|
Data Type Definition | 1 |
|
1 Critical |
|
Data Type Definition | 1 |
|
1 Critical |
|
Data Type Definition | 1 |
|
1 Critical |
|
Data Type Definition | 1 |
|
1 Critical |
|
Data Type Definition | 1 |
|
1 Critical |
|
Data Type Definition | 1 |
|
1 Critical |
|
Data Type Definition | 1 |
|
1 Critical |
Critical
Major
Minor
What did we find inside the uploaded zip file?
Spec Files
7
APIs
83
Endpoints
188
Total Tests
21
Failed Tests
100
5
Critical
19
Major
6
Minor
Want to know more about the severities? check our FAQ
APIs with failed tests
API | Violation | Highest Severity | Failed Test | Test Request/Response |
---|---|---|---|---|
app-demo/api/v1/get)user_details Affected Classification PCI 3.1 PCI 3.2 CAPEC-66 CWE-89 HIPAA-89 ISQ27001-A.14.2.5 WASC-19 OWASP 2013-A1 OWASP 2017-A1 |
sql-injection |
1 Critical |
1 | Open Test Results |
app-demo/api/v1/get)user_details |
sql-injection |
1 Critical |
1 | Open Test Results |
app-demo/api/v1/get)user_details Affected Classification PCI 3.1 PCI 3.2 CAPEC-66 CWE-89 HIPAA-89 ISQ27001-A.14.2.5 WASC-19 OWASP 2013-A1 OWASP 2017-A1 |
sql-injection |
1 Critical |
1 | Open Test Results |
app-demo/api/v1/get)user_details Affected Classification PCI 3.1 PCI 3.2 CAPEC-66 CWE-89 HIPAA-89 ISQ27001-A.14.2.5 WASC-19 OWASP 2013-A1 OWASP 2017-A1 |
sql-injection |
1 Critical |
1 | Open Test Results |
app-demo/api/v1/get)user_details Affected Classification PCI 3.1 PCI 3.2 CAPEC-66 CWE-89 HIPAA-89 ISQ27001-A.14.2.5 WASC-19 OWASP 2013-A1 OWASP 2017-A1 |
sql-injection |
1 Critical |
1 | Open Test Results |
app-demo/api/v1/get)user_details Affected Classification PCI 3.1 PCI 3.2 CAPEC-66 CWE-89 HIPAA-89 ISQ27001-A.14.2.5 WASC-19 OWASP 2013-A1 OWASP 2017-A1 |
sql-injection |
1 Critical |
1 | Open Test Results |
app-demo/api/v1/get)user_details Affected Classification PCI 3.1 PCI 3.2 CAPEC-66 CWE-89 HIPAA-89 ISQ27001-A.14.2.5 WASC-19 OWASP 2013-A1 OWASP 2017-A1 |
sql-injection |
1 Critical |
1 | Open Test Results |
What every severity means?
Critical
Standard awareness document. It represents a broad consensus about the most critical security risks to web applications. Globally recognized by developers as the first step towards more secure coding.
Major
Standard awareness document. It represents a broad consensus about the most critical security risks to web applications. Globally recognized by developers as the first step towards more secure coding.
Minor
Standard awareness document. It represents a broad consensus about the most critical security risks to web applications. Globally recognized by developers as the first step towards more secure coding.
@ Imperva Ltd. All rights reserved
Imperva API Report
Creation date: Jun 21, 2021, 16:23
|
For: Name of the Customer