The application has taken application-level steps to prevent denial-of-service (DoS) attacks, such as caching where possible, rate limiting, and designing functionality to be non-blocking.
This includes protecting API endpoints against executing requests that could lead to DoS, limiting upload field data size and locking out users through reset functionality.
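A sketch of how three of these measures can sit in front of a request handler, as an added example that is not part of the original control text. The class and function names, the limits and the status codes are assumptions, and the reset item is read here as "a reset request must not lock the account owner out".

```python
import time

MAX_UPLOAD_BYTES = 1_000_000   # assumed limit for this example
RESET_COOLDOWN_S = 300         # assumed: one reset mail per account per 5 minutes

class TokenBucket:
    """Allows `rate` requests per second with bursts up to `capacity`."""
    def __init__(self, rate, capacity, now):
        self.rate, self.capacity = rate, capacity
        self.tokens, self.stamp = float(capacity), now

    def allow(self, now):
        # Refill in proportion to elapsed time, capped at capacity.
        self.tokens = min(self.capacity, self.tokens + (now - self.stamp) * self.rate)
        self.stamp = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False

class Gate:
    """Hypothetical pre-handler checks; state is in memory for the example."""
    def __init__(self, rate=1.0, capacity=3, clock=time.monotonic):
        self.rate, self.capacity, self.clock = rate, capacity, clock
        self.buckets = {}      # client id -> TokenBucket
        self.last_reset = {}   # account -> time of last reset mail

    def check(self, client, declared_length):
        """Return an HTTP-style status before any expensive work is done."""
        now = self.clock()
        bucket = self.buckets.setdefault(
            client, TokenBucket(self.rate, self.capacity, now))
        if not bucket.allow(now):
            return 429         # rate limited
        # The declared length can be false: also cap the bytes actually read.
        if declared_length > MAX_UPLOAD_BYTES:
            return 413         # oversized body rejected before reading it
        return 200

    def request_reset(self, account):
        """Throttle reset mails per account. Nothing here disables the
        account or its current password, so repeated reset requests by a
        third party cannot lock the owner out."""
        now = self.clock()
        last = self.last_reset.get(account)
        if last is not None and now - last < RESET_COOLDOWN_S:
            return "throttled"
        self.last_reset[account] = now
        return "mail_sent"
```

In a real deployment the per-client and per-account maps need eviction or a shared store with expiry, otherwise they become a memory-exhaustion vector themselves.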
Specification
ISO 27001 & 27002:2022: 8.1, A5.8, A8.25, A8.26, A8.27, A8.28, A8.29, A8.31, A8.30, A8.32
SURF toetsingskader informatiebeveiliging (NBA-volwassenheidsmodel): SD.01 Methodology for secure development and implementation of software