Check: SRG-APP-000095-API-001770
Application Programming Interface (API) SRG: SRG-APP-000095-API-001770 (in version v1 r1)
Title
The API Gateway must audit exceptions and errors that occur during processing. (Cat II impact)
Discussion
The API gateway must audit exceptions and errors that occur during processing to support security monitoring, reliable operation, and effective troubleshooting. As the central entry point for incoming API requests, the gateway manages traffic and routes requests to the appropriate backend services, so its error records capture request processing failures, backend outages, and unexpected behavior across the entire API ecosystem. Logging these events helps identify recurring issues, misconfigurations, or security weaknesses that would otherwise go unnoticed, and it is essential for detecting attacks such as denial-of-service (DoS) attempts or probing that exploits system flaws. For an audit record to be useful it must establish what type of event occurred (CCI-000130), which is why the error type must be recorded alongside the timestamp and affected resource.
Check Content
If an API Gateway is not in use, this is Not Applicable.

Verify the API Gateway audits exceptions and errors that occur during processing:

1. Inspect the API Gateway logs to confirm they capture exception and error events, including error codes, messages, and stack traces.
2. Simulate errors (e.g., malformed requests or a backend outage) and verify each is logged with relevant details such as timestamp and error type.
3. Verify the API Gateway is configured to log exceptions and errors with sufficient detail for troubleshooting and analysis.
4. Review the API Gateway vendor documentation to confirm that auditing of exceptions and errors is enabled as documented.

If the API Gateway does not audit exceptions and errors, this is a finding.
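The check above is easiest to apply consistently with a small script that reads the gateway's error records and reports any that lack the required detail. The following is an added example, not part of the SRG text and not tied to any particular gateway product: it parses a constructed JSON-lines log sample, picks out the error and exception events, and flags records missing a timestamp, error type, error code, message, or affected resource. The field names in `REQUIRED_FIELDS` (`ts`, `event`, `status`, `msg`, `route`) are assumptions and must be mapped onto the fields the gateway under review actually emits.

```python
"""
Added example (not part of the SRG): verify that API Gateway error/exception
audit records carry the detail the check content asks for. The log format is a
constructed JSON-lines sample; real gateways differ, so REQUIRED_FIELDS maps
each required attribute onto the (assumed) field names of the gateway under
review.
"""
import json
from datetime import datetime

# Assumed mapping: SRG-required detail -> gateway field name.
REQUIRED_FIELDS = {
    "timestamp": "ts",
    "error_type": "event",   # establishes what type of event occurred (CCI-000130)
    "error_code": "status",
    "message": "msg",
    "resource": "route",     # affected backend route/resource
}

# Constructed sample log lines (not captured from a real gateway).
SAMPLE_LOG = """\
{"ts": "2024-05-01T12:00:00Z", "event": "upstream_timeout", "status": 504, "msg": "backend did not respond", "route": "/v1/orders", "client": "10.0.0.5"}
{"ts": "2024-05-01T12:00:01Z", "event": "request", "status": 200, "msg": "ok", "route": "/v1/orders"}
{"ts": "2024-05-01T12:00:02Z", "event": "validation_error", "status": 400, "msg": "malformed JSON body", "route": "/v1/orders"}
{"ts": "2024-05-01T12:00:03Z", "event": "exception", "status": 500, "msg": "NullPointerException at RouteFilter.java:88"}
{"event": "auth_failure", "status": 401, "msg": "invalid token", "route": "/v1/admin"}
this line is not JSON at all
"""


def is_error_record(rec):
    """A record is an error/exception event if its status is 4xx/5xx or its event type names an error."""
    status = rec.get(REQUIRED_FIELDS["error_code"])
    if isinstance(status, int) and status >= 400:
        return True
    event = str(rec.get(REQUIRED_FIELDS["error_type"], "")).lower()
    return any(k in event for k in ("error", "exception", "timeout", "failure"))


def valid_timestamp(value):
    """ISO 8601 timestamp; anything else cannot be correlated with other audit sources."""
    if not isinstance(value, str):
        return False
    try:
        datetime.fromisoformat(value.replace("Z", "+00:00"))
    except ValueError:
        return False
    return True


def audit_error_records(log_text):
    """Return (error_count, findings).

    findings holds one (line number, reason) per error record that lacks required
    detail and one per unparseable line, since a line that cannot be parsed
    cannot be audited at all.
    """
    findings = []
    error_count = 0
    for lineno, line in enumerate(log_text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            findings.append((lineno, "unparseable audit record"))
            continue
        if not is_error_record(rec):
            continue
        error_count += 1
        missing = [name for name, field in REQUIRED_FIELDS.items() if field not in rec]
        if missing:
            findings.append((lineno, "missing " + ", ".join(missing)))
        elif not valid_timestamp(rec[REQUIRED_FIELDS["timestamp"]]):
            findings.append((lineno, "timestamp not ISO 8601"))
    return error_count, findings


if __name__ == "__main__":
    count, findings = audit_error_records(SAMPLE_LOG)
    print(f"{count} error/exception records inspected, {len(findings)} finding(s)")
    for lineno, reason in findings:
        print(f"  line {lineno}: {reason}")
```

Run against a real export, replace `SAMPLE_LOG` with the gateway's log and adjust `REQUIRED_FIELDS`; any finding that remains after the error-simulation step of the check is evidence that the gateway is not auditing exceptions and errors with sufficient detail.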
Fix Text
Build or configure the API Gateway to log errors and exceptions with sufficient detail for troubleshooting and analysis, including the timestamp, error type, error code and message, and the affected resource. Record this detail in the audit log, not in the error response returned to the client.
Additional Identifiers
Rule ID: SV-274529r1143555_rule
Vulnerability ID: V-274529
Group Title: SRG-APP-000095
CCIs
| Number | Definition |
|---|---|
| CCI-000130 | Ensure that audit records contain information that establishes what type of event occurred. |
Controls
| Number | Title |
|---|---|
| AU-3 | Content of Audit Records |