Close popover
Sunil Jha (Sunil.Jha)
Capgemini Nederland B.V.
Managing Consultant (Pega Solution Architect)
Capgemini Nederland B.V.
Sunil.Jha Member since 2015 9 posts
Capgemini Nederland B.V.
Posted: July 7, 2018
Last activity: July 18, 2018

Securtity concerns for Pega OOTB Service Packages

After installing Pega as descibed, we notice some out of the box service packages are not secure enough in our opinion.
Looking at the service package DownloadWebJS for example, it is missing the "requires authentication flag". Is there a reason to leave the "requires authentication" unchecked?

On the 7.3.1 environment, there is no authentication required for certain Service Packages, which is not correct and not inline with our security policilies. So the Question is, how to set/manage the Authentication Required for Pega OOTB services packages such that it must not be overwritten when you install an new version of an Application?

Need clarification and guidance on how to manage/improve Pega OOTB service packages which are without any "requires authentication flag".

Low-Code App Development Security
Moderation Team has archived post,
Close popover This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.