Created March 16, 2021 15:42
Build Rules
```yaml
source:
  branch: main
build_rules:
  - id: allow-zero-high-impact
    finding_types:
      - vuln
    severity:
      - SEVERITY_HIGH_IMPACT
  # - id: build-rule-enchalada
  #   finding_types:
  #     - vuln
  #     - secret
  #     - insight
  #   severity:
  #     - SEVERITY_HIGH_IMPACT # or "critical"
  #     - SEVERITY_MEDIUM_IMPACT # or "moderate"
  #     - SEVERITY_LOW_IMPACT # or "info"
  #   type:
  #     - Cookie Injection
  #     - Deserialization
  #     - Directory traversal
  #     - File Write
  #     - Insecure Cookie
  #     - LDAP Injection
  #     - Mail Injection
  #     - Mass Assignment
  #     - NoSQL Injection
  #     - Open Redirect
  #     - Remote Code Execution
  #     - Sensitive Data Leak
  #     - Session Injection
  #     - SQL Injection
  #     - TLS checks are disabled
  #     - Usage of insecure API
  #     - Weak Hash
  #     - XML InjectionXPath Injection
  #     - XPath Injection
  #     - XSS
  #     - XXE
  #   owasp_category:
  #     - a1-injection
  #     - a2-broken-authentication
  #     - a3-sensitive-data-exposure
  #     - a4-xxe
  #     - a5-broken-access-control
  #     - a6-security-misconfiguration
  #     - a7-cross-site-scripting
  #     - a7-xss
  #     - a8-deserialization
```