Audit Open Original ↗

AlphaSOC API

Type

Security review

Client

AlphaSOC, Inc

Date

2022-09

Domain

AppSec

Effort

1 wk

Section

Technology Product Reviews

Trail of Bits's security review of AlphaSOC, Inc (Sep 2022) identified 7 issues: 1 low, and 6 informational.

Findings · 7

1 API keys are leaked outside of the application server Low
2 Unused insecure authentication mechanism Informational
3 Use of panics to handle user-triggerable errors Informational
4 Confusing API authentication mechanism Informational
5 Use of MD5 can lead to filename collisions Informational
6 Overly broad file permissions Informational
7 Unhandled errors Informational

Findings extracted from the published report PDF. See the full report below for details and remediation.

Open the PDF ↗

Related