Security Audit Checklist
PATAS Bot edited this page Nov 19, 2025 · 1 revision
Comprehensive security audit checklist for PATAS deployment.
- API keys properly validated
- Rate limiting enforced per API key
- API keys stored securely (hashed, not plaintext)
- Token expiration enforced
- Admin endpoints require elevated privileges
- All user inputs validated
- SQL queries use parameterized statements
- SQL safety validation enforced (see `app/v2_sql_safety.py`)
- Whitelist validation for tables and columns
- No raw SQL concatenation with user input
- Subqueries blocked
- UNION SELECT blocked
- PII redaction enabled for logs
- OCR text redaction implemented
- Sensitive data not logged in plaintext
- Database credentials stored securely
- API keys not exposed in logs or error messages
- No hardcoded secrets in code
- Secrets stored in environment variables or secret manager
- Secret rotation mechanism implemented
- Old secrets properly expired
- Secrets not committed to version control
- HTTPS enforced (TLS 1.2+)
- CORS properly configured
- Rate limiting prevents abuse
- Request size limits enforced
- Error messages don't leak sensitive information
- Database connections use TLS
- Database credentials rotated regularly
- Database access restricted by IP/network
- Database backups encrypted
- SQL injection protection in place
- LLM API keys stored securely
- API keys rotated regularly
- CostGuard implemented to prevent budget overruns
- Usage quotas enforced
- Sensitive data not sent to LLM APIs unnecessarily
- Audit logging enabled
- Security events logged
- Failed authentication attempts logged
- PII redacted from logs
- Log retention policies enforced
- Firewall rules configured
- SSH access restricted
- Unnecessary ports closed
- Security updates applied regularly
- Container images scanned for vulnerabilities
- Dependencies regularly updated
- Known vulnerabilities patched
- Code reviewed for security issues
- Static analysis tools used
- No debug mode in production
Critical (Fix Immediately):
- SQL injection vulnerabilities
- Hardcoded secrets
- Missing authentication/authorization
- Unencrypted sensitive data
High (Fix Within 1 Week):
- Missing input validation
- Insecure API endpoints
- Missing rate limiting
Medium (Fix Within 1 Month):
- Missing audit logging
- Incomplete PII redaction
- Missing secret rotation
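
The SQL items in the checklist (parameterized statements, whitelisted tables and columns, subqueries and UNION SELECT blocked) can be verified against a fail-closed validator along these lines. This is an added example, not the contents of `app/v2_sql_safety.py`; the table and column names, the keyword set and the function names are assumptions.

```python
import re
import sqlite3

# Assumed allowlist: these table and column names are hypothetical, not the PATAS schema.
ALLOWED = {"messages": {"id", "chat_id", "label", "created_at"}}
KEYWORDS = {"select", "from", "where", "and", "or", "not", "in", "is", "null",
            "like", "order", "by", "asc", "desc", "limit", "count"}
WORD = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")
# Quotes, ';', '-' and '/' are deliberately absent, so string literals, stacked
# statements and comments are rejected; values must be bound as '?' parameters.
SAFE_CHARS = re.compile(r"[A-Za-z0-9_\s,.*=<>!?()]*")


class UnsafeQuery(ValueError):
    """Raised when a statement fails a safety check."""


def validate_select(sql):
    """Return the statement if it passes every check, otherwise raise UnsafeQuery."""
    text = sql.strip()
    words = [w.lower() for w in WORD.findall(text)]
    if not words or words[0] != "select":
        raise UnsafeQuery("only SELECT statements are accepted")
    if "union" in words:
        raise UnsafeQuery("UNION is blocked")
    if words.count("select") > 1:
        raise UnsafeQuery("subqueries are blocked")
    if not SAFE_CHARS.fullmatch(text):
        raise UnsafeQuery("character outside the allowed set")
    # Every remaining word must be a permitted keyword, table or column.
    known = KEYWORDS | set(ALLOWED) | set().union(*ALLOWED.values())
    unknown = [w for w in words if w not in known]
    if unknown:
        raise UnsafeQuery(f"identifier not allowlisted: {unknown[0]}")
    return text


def run_validated(conn, sql, params=()):
    """Validate first, then execute with bound parameters only."""
    return conn.execute(validate_select(sql), params).fetchall()


def demo():
    """Constructed in-memory data; returns the rows for chat_id 7."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE messages (id, chat_id, label, created_at)")
    conn.execute("INSERT INTO messages VALUES (1, 7, 'spam', '2025-11-19')")
    return run_validated(conn, "SELECT id, label FROM messages WHERE chat_id = ?", (7,))
```

The validator rejects anything it does not recognise, so a legitimate query using a keyword outside the assumed set fails until that keyword is reviewed and added.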