Set maximum response time
Summary
Under the maximum expected concurrency, the response time must be no more than 5 seconds.
Description
Response time is a relevant measure of a system's availability and of how well it adapts to stress. It is also important for usability and for how much users can rely on the system. For these reasons, the response time must not surpass 5 seconds when the number of concurrent users reaches its peak.
Supported In
This requirement is verified in the following services:

| Plan | Supported |
|---|---|
| Machine | 🟢 |
| Squad | 🟢 |
References
- CAPEC™-125. Flooding
- CAPEC™-130. Excessive allocation
- CWE™-400. Uncontrolled resource consumption
- CWE™-770. Allocation of resources without limits or throttling
- CWE™-1325. Improperly controlled sequential memory allocation
- GDPR-32_1c. Security of processing
- Agile Alliance-11. Best architectures, requirements, and designs
- SANS 25-23. Uncontrolled Resource Consumption
- HITRUST CSF-01_u. Limitation of connection time
- ISA/IEC 62443-RA-7_1. Denial of service protection
- WASC-A_07. Buffer overflow
- WASC-A_10. Denial of service
- ISSAF-E_22. Network security - Switch security assessment (layer 2 port authentication)
- ISSAF-H_14_13. Network security - Intrusion detection (detection engine)
- ISSAF-Q_16_34. Host security - Windows security (denial of service attacks)
- OWASP ASVS-11_1_2. Business logic security
- OWASP ASVS-11_1_3. Business logic security
- OWASP ASVS-11_1_4. Business logic security
- CWE TOP 25-400. Uncontrolled Resource Consumption
- CASA-11_1_4. Business Logic Security
Vulnerabilities
- 002. Asymmetric denial of service
- 003. Symmetric denial of service
- 057. Asymmetric denial of service - Content length
- 067. Improper resource allocation
- 211. Asymmetric denial of service - ReDoS
- 316. Improper resource allocation - Buffer overflow
- 317. Improper resource allocation - Memory leak
- 356. Symmetric denial of service - SMTP
- 357. Symmetric denial of service - FTP
- 423. Inappropriate coding practices - System exit