Actions
Epic #4
openApplication & API Security
Status:
New
Priority:
Medium
Assignee:
-
Target version:
-
Start date:
12/24/2025
Due date:
% Done:
0%
Estimated time:
Work Type:
Platform
Technical Area:
Release Narrative:
Description
Epic Title:
HIPAA – Application & API Security
BRD Reference:
Section 8.5 (API & Backend Security)
Section 8.3 (Session & Application Security)
Objective:
Protect the application layer from unauthorized access and common attack vectors.
Covers:
OAuth / token-based auth
Input validation (SQLi, XSS)
Rate limiting
Secure headers
Session timeout & secure cookies
Debug mode disabled in prod
Updated by rashmita rout about 2 months ago
- Work Type changed from Feature to Platform
Actions