...
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
DRD00DRD??-J | medium | likely | high | P6 | L2 |
DRD01DRD??-J | low | unlikely | medium | P2 | L3 |
DRD02DRD??-J | high | probable | medium | P12 | L1 |
Rule | Rule Text | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|---|
DRD00DRD??-J | Do not log sensitive information to on-device logs |
|
|
|
|
|
DRD01DRD??-J | Do not store sensitive information to unprotected location |
|
|
|
|
|
DRD02DRD??-J | When store sensitive data, encrypt it and give proper file permissions |
|
|
|
|
|
| DRD03 DRD??-J | Ensure there are strong server side controls, or do not count on confidentiality or integrity of data sent to server | |||||
| DRD04 DRD??-J | Ensure sufficient transport layer protection | |||||
| DRD05 DRD??-J | Do not store some types of very sensitive data | |||||
| DRD06 DRD??-J | Do not ignore certification validation errors and then fall back to clear text communications | |||||
| DRD07??-J | Validate all data sent to and received from untrusted third-party applications before processing | |||||
| DRD08DRD??-J | No writing to SD card unless data identified as no privileges needed |
...