{"framework":"owasp-api-2023","framework_label":"OWASP API","controls":[{"control_id":"API10:2023","title":"Unsafe Consumption of APIs","family":"A","techniques":[{"id":"T1195","name":"Supply Chain Compromise","detectable":true,"detections":"Sigma"}],"technique_count":1,"detectable_count":1,"coverage_pct":100,"has_mapping":true,"is_enhancement":false},{"control_id":"API1:2023","title":"Broken Object Level Authorization","family":"A","techniques":[{"id":"T1078","name":"Valid Accounts","detectable":true,"detections":"Sigma, CAR, IDS"}],"technique_count":1,"detectable_count":1,"coverage_pct":100,"has_mapping":true,"is_enhancement":false},{"control_id":"API2:2023","title":"Broken Authentication","family":"A","techniques":[{"id":"T1078","name":"Valid Accounts","detectable":true,"detections":"Sigma, CAR, IDS"},{"id":"T1110","name":"Brute Force","detectable":true,"detections":"Sigma"}],"technique_count":2,"detectable_count":2,"coverage_pct":100,"has_mapping":true,"is_enhancement":false},{"control_id":"API3:2023","title":"Broken Object Property Level Authorization","family":"A","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false},{"control_id":"API4:2023","title":"Unrestricted Resource Consumption","family":"A","techniques":[{"id":"T1499","name":"Endpoint Denial of Service","detectable":true,"detections":"Sigma"}],"technique_count":1,"detectable_count":1,"coverage_pct":100,"has_mapping":true,"is_enhancement":false},{"control_id":"API5:2023","title":"Broken Function Level Authorization","family":"A","techniques":[{"id":"T1078","name":"Valid Accounts","detectable":true,"detections":"Sigma, CAR, IDS"}],"technique_count":1,"detectable_count":1,"coverage_pct":100,"has_mapping":true,"is_enhancement":false},{"control_id":"API6:2023","title":"Unrestricted Access to Sensitive Business Flows","family":"A","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false},{"control_id":"API7:2023","title":"Server Side Request Forgery","family":"A","techniques":[{"id":"T1190","name":"Exploit Public-Facing Application","detectable":true,"detections":"Sigma, IDS, Falco"}],"technique_count":1,"detectable_count":1,"coverage_pct":100,"has_mapping":true,"is_enhancement":false},{"control_id":"API8:2023","title":"Security Misconfiguration","family":"A","techniques":[{"id":"T1190","name":"Exploit Public-Facing Application","detectable":true,"detections":"Sigma, IDS, Falco"}],"technique_count":1,"detectable_count":1,"coverage_pct":100,"has_mapping":true,"is_enhancement":false},{"control_id":"API9:2023","title":"Improper Inventory Management","family":"A","techniques":null,"technique_count":0,"detectable_count":0,"coverage_pct":0,"has_mapping":false,"is_enhancement":false}],"families":[{"family":"A","controls":10,"controls_with_mapping":7,"distinct_techniques":5,"detectable_techniques":5,"coverage_pct":100}],"total_controls":10,"controls_with_mapping":7,"distinct_techniques":5,"detectable_techniques":5,"overall_coverage_pct":100,"unmapped_enhancements":0,"no_mappings_at_all":false}