OWASP Insufficient Attack Protection
September 10th, 2022
Insufficient Attack Protection
We must always assume that attackers have unlimited access to other machines behind the firewall.
pattern: track illegitimate requests by their origin
pattern: log bad requests by source principal
pattern: use API Gateways to block callers by API key
pattern: use API Gateways to throttle request rate by API key
(src:
This post was referenced in: