Countermeasures against application-layer attacks

I want to be able to run the DP and xECM APIs from the Internet.
IP limit with FireWall.
Do DP and xECM have application layer attack prevention?
It protects against application-layer attacks such as SQL injection, XSS, and CSRF.
Do I need to place the Web Application Firewall on the front of the OpenText server?
Thank you and best regards,

Answers

  • Ian Archibald
    Hi Akihiko,

    I don't believe this question is best suited for the TeamSite support team. We do not make use of these APIs.

    Can you either ask your question to the correct (product) group, or open a case with support?


    Thanks

    Ian

    Ian Archibald
    Manager, Global Technical Support

  • Karen Weir
    Thanks Ian

    Akihiko, I moved your post to our Extended ECM area of the community.

    I want to be able to run the DP and xECM APIs from the Internet.
    IP limit with FireWall.
    Do DP and xECM have application layer attack prevention?
    It protects against application-layer attacks such as SQL injection, XSS, and CSRF.
    Do I need to place the Web Application Firewall on the front of the OpenText server?

  • Hi, Ian.
    I'm sorry for the mistake.

    Hi, Karen.
    Thank you for moving.
    We will ask questions in this group from now on.

    Thank you and best regards
    Akihiko

  • The product does provide some checking, e.g. is a node id a number, etc., as well as some of the configuration elements; see the OTCS Hardening Guide as well here.

    At the end of the day, the level of "security" you require depends very much on the client requirements so perhaps a penetration test would give you topics to look at.

    OT offerings are used in very secure industries including finance, gov, military and intel, so they have the core elements needed for those accreditations.

  • Hi Greg,
    Thank you for your answer.
    I will run penetration tests and vulnerability diagnostic tools.
    By the way, have OT (especially Extended ECM, DP and Directory Service) been released after running penetration tests and vulnerability diagnostics?
    Also, does OT regularly run penetration tests and vulnerability diagnosis tools after release, and provide security patches when problems are detected?
    Thank you and best regards
    Akihiko

  • I believe they do, but I will leave one of their team to comment on the details. If there is a known CVE there is often a response from OT for the relevant applications letting us know what the impact / risk / fix is.

    There is a little information at https://www.opentext.com/about/opentext-privacy-center .