Day 28: DDIS - GlideRecord API usage in REST Web Service
Scan Check Type: Table Check [sys_ws_operation]
Scripted REST APIs should use the GlideRecordSecure API. This API ensures that access controls defined on the underlying data are applied for the requesting user.
Ensure that all REST API Resources use GlideRecordSecure methods, instead of GlideRecord methods.
This scan was developed using a table check with condition to identify any Scripted REST Resource records which contain a reference the a GlideRecord. This check is inspired by a QualityClouds rule.
Download and import the XML to check it out in your instance! At the end of the month I will be bundling all the checks together.
Day 28 scan_table_check_a013bd152fb311107caa93acf699b6a2.xml