Skip to content

[API Shield] New security insights #18898

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Dec 20, 2024
Merged

[API Shield] New security insights #18898

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions src/content/docs/security-center/security-insights/index.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,13 +30,16 @@ Listed below are the specific insights currently available:
| [Get notified of malicious client-side scripts](/page-shield/detection/configure-alerts/) | We detect that Page Shield alerts are not configured. You will not receive notifications when we detect potential malicious scripts executing in your client-side environment. |
| [Managed Rules not deployed](/waf/managed-rules/reference/cloudflare-managed-ruleset/) | No managed rules deployed on a WAF protected domain. |
| [Migrate to new Managed Rules](/waf/reference/migration-guides/waf-managed-rules-migration/) | Migration to new Managed Rules system required for optimal protection. |
| [Mixed-authentication API endpoints detected](/api-shield/management-and-monitoring/endpoint-labels/#managed-labels) | Not all of the successful requests against API endpoints carried session identifiers. |
| [New API endpoints detected](/api-shield/security/api-discovery/) | API Discovery detects new API endpoints in your zone's traffic. |
| [New CASB integrations found](/cloudflare-one/applications/casb/casb-integrations/) | New CASB integrations have been found. |
| [Overprovisioned Access Policies](/cloudflare-one/policies/access/) | We detect an Access policy to allow everyone access to your application. |
| [Page Shield not enabled](/page-shield/get-started/) | Page Shield helps meet PCI DSS v4.0 compliance regarding requirement 6.4.3. |
| [SPF Record Errors](/dns/manage-dns-records/reference/dns-record-types/#spf) | We detect an incorrect or missing `SPF` record. |
| [Sensitive data in API response](/api-shield/management-and-monitoring/#sensitive-data-detection) | Sensitive data in API responses detected. |
| [Turn on JavaScript Detection](/bots/reference/javascript-detections/) | One or more of your Bot Management enabled zones does not have JavaScript Detection enabled, which is a critical part of our bot detection suite. |
| [Unassigned Access seats](/cloudflare-one/) | We detect a Zero Trust subscription that is not configured yet. |
| [Unauthenticated API endpoints detected](/api-shield/management-and-monitoring/endpoint-labels/#managed-labels) | None of the successful requests against API endpoints carried session identifiers. |
| [Unprotected Cloudflare Tunnels](/cloudflare-one/applications/configure-apps/self-hosted-apps/#4-connect-your-origin-to-cloudflare) | We detect an application that is served by a Cloudflare Tunnel but not protected by a corresponding Access policy. |
| [Unproxied `A` Records](/dns/manage-dns-records/reference/dns-record-types/#a-and-aaaa) | This DNS record is not proxied by Cloudflare. Cloudflare can not protect this origin because it is exposed to the public Internet. |
| [Unproxied `AAAA` Records](/dns/manage-dns-records/reference/dns-record-types/#a-and-aaaa) | This DNS record is not proxied by Cloudflare. Cloudflare can not protect this origin because it is exposed to the public Internet. |
Expand Down
Loading