
V-274537

CAT II (Medium)

All defined API elements must be documented.

Rule ID

SV-274537r1143570_rule

STIG

Application Programming Interface (API) Security Requirements Guide

Version

V1R1

CCIs

CCI-000133

Discussion

All defined API elements and their security-relevant configurations must be documented and enforced, ensuring compliance with the organization's approved security baselines. Identifying all API elements that must be logged is essential for security, monitoring, and threat detection. Documenting and enforcing security-relevant configurations for all defined API elements ensures consistency, reduces misconfigurations, and supports compliance with organizational security baselines. This practice enhances system integrity, simplifies audits, and helps prevent vulnerabilities caused by undocumented or insecure API behaviors.

Check Content

To identify APIs in use:

  • Analyze application code for API calls, URLs, and authentication keys in frontend and backend components.
  • Use network monitoring tools to capture API traffic in real time.
  • Check browser DevTools (Network tab) for active API requests in web applications.
  • Review server and API gateway logs (e.g., AWS CloudWatch, Nginx logs) to track API calls and usage patterns.
  • Inspect configuration files, environment variables, and documentation for references to external or internal APIs.

If any defined API elements or their security-relevant configurations are not documented and enforced in accordance with the organization's approved security baselines, this is a finding.
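As an added example that is not part of the STIG text or DISA's material, the following Python turns the log-review step above into a repeatable check: it extracts the routes actually observed in gateway access logs and reports any that are missing from the documented API inventory, which is exactly the condition the finding describes. The Nginx-style log lines, the inventory shape and its field names are constructed assumptions.

```python
"""Added example (not DISA's): reconcile API routes observed in gateway access
logs against a documented API inventory and list undocumented elements.
Log lines, inventory layout and field names below are constructed assumptions."""
import re
from collections import defaultdict

# Constructed Nginx-style access log lines (assumption: combined log format).
SAMPLE_LOG = """\
10.0.0.5 - - [01/Mar/2026:10:00:01 +0000] "GET /api/v1/users/42 HTTP/1.1" 200 512 "-" "curl/8.4"
10.0.0.6 - - [01/Mar/2026:10:00:02 +0000] "POST /api/v1/orders HTTP/1.1" 201 88 "-" "app/1.0"
10.0.0.7 - - [01/Mar/2026:10:00:03 +0000] "GET /api/v1/users/7/tokens HTTP/1.1" 200 230 "-" "app/1.0"
10.0.0.8 - - [01/Mar/2026:10:00:04 +0000] "DELETE /api/v1/orders/9 HTTP/1.1" 204 0 "-" "app/1.0"
10.0.0.9 - - [01/Mar/2026:10:00:05 +0000] "GET /healthz HTTP/1.1" 200 2 "-" "kube-probe/1.29"
"""

# Constructed documented inventory: (method, route template) -> security-relevant config.
DOCUMENTED = {
    ("GET", "/api/v1/users/{id}"): {"auth": "bearer", "logged": True},
    ("POST", "/api/v1/orders"): {"auth": "bearer", "logged": True},
    ("GET", "/healthz"): {"auth": "none", "logged": False},
}

LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+"')

def normalize(path: str) -> str:
    """Drop the query string and collapse numeric path segments into {id}
    so that /users/42 and /users/7 map to the same route template."""
    path = path.split("?", 1)[0]
    return "/".join("{id}" if seg.isdigit() else seg for seg in path.split("/"))

def observed_routes(log_text: str) -> dict:
    """Return {(method, route template): hit count} from raw access log text."""
    counts = defaultdict(int)
    for line in log_text.splitlines():
        m = LOG_RE.search(line)
        if m:
            counts[(m["method"], normalize(m["path"]))] += 1
    return dict(counts)

def undocumented(log_text: str, inventory: dict) -> list:
    """Routes seen in traffic but absent from the documented inventory.
    Any non-empty result corresponds to a finding under this rule."""
    return sorted(r for r in observed_routes(log_text) if r not in inventory)

if __name__ == "__main__":
    for method, route in undocumented(SAMPLE_LOG, DOCUMENTED):
        print(f"FINDING: undocumented API element {method} {route}")
```

The same reconciliation can be fed from the other sources the check names (code scans, DevTools exports, config files) by mapping each source into the same (method, route template) keys.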

Fix Text

Update the documentation to include all defined API elements and their security-relevant configurations. Ensure each element is properly logged and monitored in accordance with the organization's approved security baselines.