Addressing the Top Security Risks for Oracle Life Sciences IAMS APIs

The below sections identify the controls within the Oracle Life Sciences IAMS Inbound User Provisioning Service API that are used or may be used to address the top 10 security risks identified by OWASP for 2017.

In some cases, the controls are part of the product and proper use of the controls by the clients is required to validate the integrity of the controls.

The following risks are considered:

Injection
Broken Authentication
Sensitive Data Exposure
XML External Entities (XXE)
Broken Access Control
Security Misconfiguration
Cross-site Scripting (XSS)
Insecure Deserialization
Using Components with Known Vulnerabilities
Insufficient Logging and Monitoring

Parent topic: About this guide