From 3a237075e904f28f2ad586fbe5b882d5696dec1e Mon Sep 17 00:00:00 2001 From: manutd Date: Thu, 14 Jul 2022 10:55:42 +0700 Subject: [PATCH] add api signature on Input --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 4e64726..ef3afdd 100644 --- a/README.md +++ b/README.md @@ -37,6 +37,7 @@ Checklist of the most important security countermeasures when designing, testing - [ ] Validate user input to avoid common vulnerabilities (e.g. `XSS`, `SQL-Injection`, `Remote Code Execution`, etc.). - [ ] Don't use any sensitive data (`credentials`, `Passwords`, `security tokens`, or `API keys`) in the URL, but use standard Authorization header. - [ ] Use an API Gateway service to enable caching, Rate Limit policies (e.g. `Quota`, `Spike Arrest`, or `Concurrent Rate Limit`) and deploy APIs resources dynamically. +- [ ] Use API signature to prevent some guy testing manually or automatically ## Processing - [ ] Check if all the endpoints are protected behind authentication to avoid broken authentication process.
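Review bot: The added checklist line in the Input section ("Use API signature to prevent some guy testing manually or automatically") does not say what is signed or what the server should check, so a reader cannot act on it the way they can on the neighbouring items, which name the concrete control (Authorization header, Rate Limit policies). A request signature lets the server verify who sent a request and that it was not altered. It does not by itself stop someone who holds a valid key from testing the API by hand or with a tool, so the stated goal overstates what the control delivers. Consider rewording along the lines of "Require signed requests (e.g. an HMAC over the method, path, body and a timestamp) and reject requests whose signature is invalid or stale." Style: the line uses informal wording ("some guy") and lacks the trailing period the other items in this hunk have.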