articles/defender-for-cloud/recommendations-reference-api.md
Lines changed: 14 additions & 2 deletions
@@ -47,16 +47,28 @@ To learn about actions that you can take in response to these recommendations, s
47
47
48
48
### Unused API endpoints should be disabled and removed from Function Apps (Preview)
49
49
50
-
**Description & related policy**: API endpoints that haven't received traffic for 30 days are considered unused and pose a potential security risk. These endpoints may have been left active accidentally when they should have been deprecated. Often, unused API endpoints lack the latest security updates, making them vulnerable. To prevent potential security breaches, we recommend disabling and removing these HTTP-triggered endpoints from Azure Function Apps.
50
+
**Description & related policy**: API endpoints that haven't received traffic for 30 days are considered unused and pose a potential security risk. These endpoints may have been left active accidentally when they should have been deprecated. Often, unused API endpoints lack the latest security updates, making them vulnerable. To prevent potential security breaches, we recommend disabling and removing these HTTP-triggered endpoints from Azure Function Apps.
51
51
52
52
**Severity**: Low
53
53
54
54
### Unused API endpoints should be disabled and removed from Logic Apps (Preview)
55
55
56
-
**Description & related policy**: API endpoints that haven't received traffic for 30 days are considered unused and pose a potential security risk. These endpoints may have been left active accidentally when they should have been deprecated. Often, unused API endpoints lack the latest security updates, making them vulnerable. To prevent potential security breaches, we recommend disabling and removing these endpoints from Azure Logic Apps.
56
+
**Description & related policy**: API endpoints that haven't received traffic for 30 days are considered unused and pose a potential security risk. These endpoints may have been left active accidentally when they should have been deprecated. Often, unused API endpoints lack the latest security updates, making them vulnerable. To prevent potential security breaches, we recommend disabling and removing these endpoints from Azure Logic Apps.
57
57
58
58
**Severity**: Low
59
59
60
+
### Authentication should be enabled on API endpoints hosted in Function Apps (Preview)
61
+
62
+
**Description & related policy**: API endpoints published within Azure Function Apps should enforce authentication to help minimize security risk. This is crucial to prevent unauthorized access and potential data breaches. Without proper authentication, sensitive data could be exposed, compromising the security of the system.
63
+
64
+
**Severity**: High
65
+
66
+
### Authentication should be enabled on API endpoints hosted in Logic Apps (Preview)
67
+
68
+
**Description & related policy**: API endpoints published within Azure Logic Apps should enforce authentication to help minimize security risk. This is crucial to prevent unauthorized access and potential data breaches. Without proper authentication, sensitive data could be exposed, compromising the security of the system.
69
+
70
+
**Severity**: High
71
+
60
72
## API management recommendations
61
73
62
74
### API Management subscriptions shouldn't be scoped to all APIs
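Review bot: The two added "Authentication should be enabled on API endpoints hosted in ..." entries (new lines 60-70) are labelled "Description & related policy" but name no policy and never say what the assessment treats as authentication being enforced, so a reader who receives this High severity finding cannot tell which configuration clears it. Suggest stating the condition that is checked for Function Apps and for Logic Apps respectively, and linking the remediation steps or related policy, since the two descriptions are currently identical apart from the service name. The sentences "This is crucial to prevent unauthorized access and potential data breaches." and "Without proper authentication, sensitive data could be exposed, compromising the security of the system." make the same point twice and could be merged into one. Separately, the removed and added description lines at 50 and 56 read identically as rendered, so that part of the change looks whitespace-only; worth confirming it is intentional.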