I have a query regarding the Apigee Hybrid Security mechanism. Considering a scenario wherein an unauthorized user accesses the Apgiee Hybird Management plane and updates API proxy definition to bypass certain security checks(e.g. RegularExpression policy used for SQL injection detection). In this case the revised API proxy definition might get synchronized with the Apigee runtime making the API prone to SQL injection attack.
Is it possible to apply any controls on the API Proxy sync mechanism from Management Plane to Runtime Plane?
User | Count |
---|---|
2 | |
1 | |
1 | |
1 | |
1 |