OWASP Top Ten
| S.No. | OWASP Rule | Agent Desk | Unified Admin | Web Widget |
|---|---|---|---|---|
| 1 | Broken Access Control | PARTIAL_COMPLIANT | PARTIAL_COMPLIANT | PARTIAL_COMPLIANT |
| 2 | Cryptographic Failures | NON_COMPLIANT | NON_COMPLIANT | NON_COMPLIANT |
| 3 | Injection | PARTIAL_COMPLIANT | COMPLIANT | COMPLIANT |
| 4 | Insecure Design | NOT_TESTED | NOT_TESTED | NOT_TESTED |
| 5 | Security Misconfiguration | NOT_TESTED | NOT_TESTED | NOT_TESTED |
| 6 | Vulnerable and Outdated Components | PARTIAL_COMPLIANT | PARTIAL_COMPLIANT | PARTIAL_COMPLIANT |
| 7 | Identification and Authentication Failures | NON_COMPLIANT | NON_COMPLIANT | NON_COMPLIANT |
| 8 | Software and Data Integrity Failures | PARTIAL_COMPLIANT | PARTIAL_COMPLIANT | PARTIAL_COMPLIANT |
| 9 | Security Logging and Monitoring Failures | PARTIAL_COMPLIANT | PARTIAL_COMPLIANT | PARTIAL_COMPLIANT |
| 10 | Server-Side Request Forgery (SSRF) | NOT_TESTED | NOT_TESTED | NOT_TESTED |
These scan results are produced by our Security QA team using OWASP ZAP and Burp Suite penetration/security testing tools. We will keep scanning for vulnerabilities and do the fixation on identified security bugs on Expertflow CX.