OWASP Top Ten
We regularly scan for the vulnerabilities defined in the OWASP Top Ten.
# | OWASP Rule | Agent Desk | Unified Admin | Web Widget |
---|---|---|---|---|
1 | Broken Access Control | PARTIAL_COMPLIANT | PARTIAL_COMPLIANT | PARTIAL_COMPLIANT |
2 | Cryptographic Failures | NON_COMPLIANT | NON_COMPLIANT | NON_COMPLIANT |
3 | Injection | PARTIAL_COMPLIANT | COMPLIANT | COMPLIANT |
4 | Insecure Design | NOT_TESTED | NOT_TESTED | NOT_TESTED |
5 | Security Misconfiguration | NOT_TESTED | NOT_TESTED | NOT_TESTED |
6 | Vulnerable and Outdated Components | PARTIAL_COMPLIANT | PARTIAL_COMPLIANT | PARTIAL_COMPLIANT |
7 | Identification and Authentication Failures | NON_COMPLIANT | NON_COMPLIANT | NON_COMPLIANT |
8 | Software and Data Integrity Failures | PARTIAL_COMPLIANT | PARTIAL_COMPLIANT | PARTIAL_COMPLIANT |
9 | Security Logging and Monitoring Failures | PARTIAL_COMPLIANT | PARTIAL_COMPLIANT | PARTIAL_COMPLIANT |
10 | Server-Side Request Forgery (SSRF) | NOT_TESTED | NOT_TESTED | NOT_TESTED |
These scan results are produced by our Security QA team using the OWASP ZAP, SonarCloud and Burp Suite penetration and security testing tools. We will keep scanning for vulnerabilities and fixing the security bugs identified in Expertflow CX.