Currently, the POST /update-rules/ endpoint is not behind authentication, meaning anyone can update the rules if they have the endpoint URL. This is not desirable. Also, the appropriate workflows in the security-intelligence repo do perform authentication so this should be a relatively simple fix.
Currently, the
POST /update-rules/
endpoint is not behind authentication, meaning anyone can update the rules if they have the endpoint URL. This is not desirable. Also, the appropriate workflows in thesecurity-intelligence
repo do perform authentication so this should be a relatively simple fix.