Zero Trust UC7 API Management ()
Zero Trust UC7 API Management
Zero Trust Assets <<Asset at Risk>> Data
Zero Trust Assets <<Asset at Risk>> Application
Zero Trust Assets <<Asset at Risk>> Reputation
Zero Trust Assets UC7 API Management - Implemented Control Measures
Zero Trust Control Objectives <<Control Objective>> Enabling the establishment of a secure and resilient enterprise digital security ecosystem in which government services are delivered safely and securely
Zero Trust Control Objectives <<Control Objective>> Providing a secure platform that ensures safety and protection of systems and data
Zero Trust Control Objectives Risk
UC7 API Management - Control Measures <<Control Measure>>Enable identity context in the API traffic to authenticate all packets to the application (or service) whether the APIs are internal or external to the domain
UC7 API Management - Control Measures <<Control Measure>>Enable throttling and cache
UC7 API Management - Control Measures <<Control Measure>> Authentication using user identity, app identity, device identity
UC7 API Management - Control Measures <<Security Principle>> Zero Trust Principles
UC7 API Management - Control Measures <<Security Requirement>> Zero Trust Requirements
<<Threat Agent>> Attacker Threat Event
Threat Event Vunerability
Threat Event Loss Event
Loss Event Vunerability
Loss Event Risk
Vunerability Zero Trust Assets
<<Security Principle>> Zero Trust Principles Zero Trust Control Objectives
<<Security Requirement>> Zero Trust Requirements Zero Trust Control Objectives
UC7 API Management - Implemented Control Measures <<Implemented Control Measure>> Application Whitelisting and Ring-fencing
UC7 API Management - Implemented Control Measures <<Implemented Control Measure>> API (Application Programming Interface) Gateway
UC7 API Management - Implemented Control Measures Vunerability
UC7 API Management - Implemented Control Measures UC7 API Management - Control Measures