APK
In this section, you will find a list of the rules associated with APK and the security requirements.
Method | Security Requirement |
---|---|
APK_BACKUPS_ENABLED | 185. Encrypt sensitive information 266. Disable insecure functionalities |
APK_DEBUGGING_ENABLED | 077. Avoid disclosing technical information 078. Disable debugging events |
APK_EXPORTED_CP | 096. Set user's required privileges 176. Restrict system objects 264. Request authentication 320. Avoid client-side control enforcement |
APK_UNSIGNED | 122. Validate credential ownership 173. Discard unsafe inputs 178. Use digital signatures 320. Avoid client-side control enforcement |
FRAGMENT_INJECTION | 266. Disable insecure functionalities 173. Discard unsafe inputs |
IMPROPER_CERTIFICATE_VALIDATION | 266. Disable insecure functionalities |
NOT_VERIFIES_SSL_HOSTNAME | 266. Disable insecure functionalities |
SOCKET_GET_INSECURE | 183. Delete sensitive data securely |
WEBVIEW_VULNS | 266. Disable insecure functionalities |