Severity Levels
Akto classifies API security vulnerabilities into four severity levels to help teams prioritize their remediation efforts. Each level indicates the potential impact on your API security posture and guides response timing.
Different Severity Levels
Critical
Issues that pose an immediate risk to API security.
Can lead to unauthorised data access, system compromise, or service disruption. Immediate remediation is essential.
High
Significant API security risks requiring prompt attention.
Not as immediately dangerous as Critical issues, but can severely impact API integrity and data security if exploited.
Medium
Moderate risks affecting specific API endpoints or security controls.
Should be remediated in a planned manner within standard development cycles.
Low
Minor API security concerns.
Do not pose immediate threats but represent opportunities to improve security during regular maintenance.
Update Severity for a Test Result
You can also update the severity of findings generated by a specific security test run.
Steps
Navigate to API Security Testing → Results.
Open the preferred test run.
Select one or more tests whose severity you want to update.
Once selected, the Update Severity option appears at the bottom center of the screen.

Choose the updated severity level.

Click Update Severity to save.
Note: After a test’s severity is updated, all future results generated from that test will automatically be marked with the newly assigned severity.