...
Rule | Rule Text | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|---|
DRD00-J | Do not log sensitive information to on-device logs |
|
|
|
|
|
DRD01-J | Do not store sensitive information to unprotected location |
|
|
|
|
|
DRD02-J | When store sensitive data, encrypt it and give proper file permissions |
|
|
|
|
|
| DRD03-J | Ensure there are strong server side controls, or do not count on confidentiality or integrity of data sent to server | |||||
| DRD04-J | Ensure sufficient transport layer protection | |||||
| DRD05-J | Do not store some types of very sensitive data | |||||
| DRD06-J | Do not ignore certification validation errors and then fall back to clear text communications | |||||
| DRD07-J | Validate all data sent to and received from untrusted third-party applications before processing | |||||
| DRD08-J | No writing to SD card unless data identified as no privileges needed |
ENV05-J. Do not deploy an application that can be remotely monitored The CERT Oracle Secure Coding Standard for Java MSC00-J. Use SSLSocket rather than Socket for secure data exchange
...