Skip to content

Add a new Advanced API Security Risk Assessment option #241

New issue
New issue
Open
Open
Add a new Advanced API Security Risk Assessment option#241
@g-lalevee

Description

@g-lalevee
g-lalevee
opened on Aug 20, 2024

Hello Team

Advanced API Security Risk Assessment v2 just launched : it allows to assess API Proxy security in less than 60s (less than 1s for 1 proxy, in my tests). An API is available : organizations.securityAssessmentResults.batchCompute

I think it will be great if we can integrate this assessment in the Apigee Maven plugin.
Scenario could be :

  • A new Apigee Maven Plugin Option like AAS_ScoreMin (optional)
  • if no AAS_ScoreMin parameter : we don't run the assessment
  • if AAS_ScoreMin=0, we run the assessment, then deploy API (whatever the score is) and return the report (score + other useful information that can be stored as an artefact in a CICD pipeline.)
  • if AAS_ScoreMin > 0, we run the assessment and deploy the API only if the given score is < to the calculated score, and then return the report

Thanks for your support

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions