fix tests. new product advisories enhancements
This commit is contained in:
master
22
docs/notifications/security/webhook-ack-hardening.md
Normal file
22
docs/notifications/security/webhook-ack-hardening.md
Normal file
@@ -0,0 +1,22 @@
|
||||
# Webhook Acknowledgment Hardening
|
||||
|
||||
This document describes the security measures for webhook acknowledgment validation.
|
||||
|
||||
## Overview
|
||||
|
||||
Webhook acknowledgment hardening ensures that webhook deliveries are properly verified and acknowledged.
|
||||
|
||||
## Security Measures
|
||||
|
||||
- HMAC signature verification for all webhook payloads
|
||||
- Timeout handling for slow webhook endpoints
|
||||
- Retry logic with exponential backoff
|
||||
- Dead letter queue for failed deliveries
|
||||
|
||||
## Configuration
|
||||
|
||||
Webhook endpoints must be configured with:
|
||||
- Secret key for HMAC signing
|
||||
- Signature header name
|
||||
- Timeout duration
|
||||
- Maximum retry attempts
|
||||
Reference in New Issue
Block a user