Network API calls that facilitate modification of data, or access to data not authorised for release into the public domain, and are accessible over the internet, are centrally logged.
Topic
Network application programming interfaces
Applicable to
Non Classified, Official, Protected, Secret, Top Secret
History
Mar 2025
Network API calls that facilitate modification of data, or access to data not authorised for release into the public domain, and are accessible over the internet, are centrally logged.
The existing control recommending that web API calls that facilitate modification of data, or access to data not authorised for release into the public domain, are centrally logged was amended to refer to network APIs that are accessible over the internet.
Dec 2023
Web API calls that facilitate modification of data, or access to data not authorised for release into the public domain, are centrally logged.
A new control recommending event logs relating to specific web application programming interface calls be collected and centrally logged was added.