...
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
DRD00-J | medium | likely | high | P6 | L2 |
DRD01-J | low | unlikely | medium | P2 | L3 |
DRD02-J | high | probable | medium | P12 | L1 |
Rule | Rule Text | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|---|
DRD00-J | Do not log sensitive information to on-device logs |
|
|
|
|
|
DRD01-J | Do not store sensitive information to unprotected location |
|
|
|
|
|
DRD02-J | When store sensitive data, encrypt it and give proper file permissions |
|
|
|
|
|
| DRD03-J | Ensure there are strong server side controls, or do not count on confidentiality or integrity of data sent to server | |||||
| DRD04-J | Ensure sufficient transport layer protection | |||||
| DRD05-J | Do not store some types of very sensitive data | |||||
| DRD06-J | Do not ignore certification validation errors and then fall back to clear text communications | |||||
| DRD07-J | Validate all data sent to and received from untrusted third-party applications before processing | |||||
| DRD08-J | No writing to SD card unless data identified as no privileges needed |
...