Skip to main content

CSharp

In this section, you will find a list of the rules associated with the CSharp language and the security requirements.

MethodSecurity Requirement
CS_CERT_VALIDATION_DISABLED158. Use a secure programming language.
CS_CHECK_HASHES_SALT266. Disable insecure functionalities.
CS_CONFLICTING_ANNOTATIONS158. Use a secure programming language.
CS_CREATE_TEMP_FILE095. Define users with privileges
096. Set user's required privileges
186. Use the principle of least privilege
CS_DISABLED_HTTP_HEADER_CHECK266. Disable insecure functionalities
CS_DISABLED_STRONG_CRYPTO148. Set minimum size of asymmetric encryption
149. Set minimum size of symmetric encryption
150. Set minimum size for hash functions
181. Transmit data using secure protocols
336. Disable insecure TLS versions
CS_HARDCODED_SYMMETRIC_KEY148. Set minimum size of asymmetric encryption
149. Set minimum size of symmetric encryption
150. Set minimum size for hash functions
181. Transmit data using secure protocols
336. Disable insecure TLS versions
CS_HAS_PUBLIC_CACHE_HEADER062. Define standard configurations
177. Avoid caching and temporary files
266. Disable insecure functionalities
349. Include HTTP security headers
CS_HTTPCLIENT_NO_REVOCATION_LIST148. Set minimum size of asymmetric encryption
149. Set minimum size of symmetric encryption
150. Set minimum size for hash functions
181. Transmit data using secure protocols
336. Disable insecure TLS versions
CS_INFO_LEAK_ERRORS077. Avoid disclosing technical information
176. Restrict system objects
CS_INSECURE_ASSEMBLY_LOAD040. Compare file format and extension
041. Scan files for malicious code
CS_INSECURE_AUTHENTICATION030. Avoid object reutilization
228. Authenticate using standard protocols
319. Make authentication options equally secure
CS_INSECURE_CERTIFICATE_VALIDATION266. Disable insecure functionalities
CS_INSECURE_CHANNEL181. Transmit data using secure protocols
CS_INSECURE_CIPHER148. Set minimum size of asymmetric encryption
149. Set minimum size of symmetric encryption
150. Set minimum size for hash functions
181. Transmit data using secure protocols
336. Disable insecure TLS versions
CS_INSECURE_CORS062. Define standard configurations
266. Disable insecure functionalities
349. Include HTTP security headers
CS_INSECURE_CORS_ORIGIN062. Define standard configurations
266. Disable insecure functionalities
349. Include HTTP security headers
CS_INSECURE_DESERIAL173. Discard unsafe inputs
321. Avoid deserializing untrusted data
CS_INSECURE_HASH148. Set minimum size of asymmetric encryption
149. Set minimum size of symmetric encryption
150. Set minimum size for hash functions
181. Transmit data using secure protocols
336. Disable insecure TLS versions
CS_INSECURE_KEYS148. Set minimum size of asymmetric encryption
149. Set minimum size of symmetric encryption
150. Set minimum size for hash functions
181. Transmit data using secure protocols
336. Disable insecure TLS versions
CS_INSECURE_LOGGING080. Prevent log modification
173. Discard unsafe inputs
CS_INSECURE_SHARED_ACCESS_PROTOCOL148. Set minimum size of asymmetric encryption
149. Set minimum size of symmetric encryption
150. Set minimum size for hash functions
181. Transmit data using secure protocols
336. Disable insecure TLS versions
CS_INSEC_ADDHEADER_WRITE029. Cookies with security attributes
173. Discard unsafe inputs
CS_INSEC_COOKIES029. Cookies with security attributes
CS_INSEC_CREATE173. Discard unsafe inputs
324. Control redirects
CS_JS_DESERIALIZATION173. Discard unsafe inputs
321. Avoid deserializing untrusted data
CS_JWT_SIGNED032. Avoid session ID leakages
181. Transmit data using secure protocols
CS_LDAP_CONN_AUTH266. Disable insecure functionalities.
CS_LDAP_INJECTION173. Discard unsafe inputs.
CS_MANAGED_SECURE_MODE148. Set minimum size of asymmetric encryption
149. Set minimum size of symmetric encryption
150. Set minimum size for hash functions
181. Transmit data using secure protocols
336. Disable insecure TLS versions
CS_OBSOLETE_KEY_DERIVATION148. Set minimum size of asymmetric encryption
149. Set minimum size of symmetric encryption
150. Set minimum size for hash functions
181. Transmit data using secure protocols
336. Disable insecure TLS versions
CS_OPEN_REDIRECT173. Discard unsafe inputs
320. Avoid client-side control enforcement
342. Validate request parameters
CS_OVERRIDE_AUTH_MODIFIER142. Change system default credentials
264. Request authentication
265. Restrict access to critical processes
266. Disable insecure functionalities
319. Make authentication options equally secure
CS_PATH_INJECTION037. Parameters without sensitive data
320. Avoid client-side control enforcement
CS_REGEX_INJECTION072. Set maximum response time
327. Set a rate limit
CS_REMOTE_COMMAND_EXECUTION173. Discard unsafe inputs
265. Restrict access to critical processes
266. Disable insecure functionalities
CS_RSA_SECURE_MODE148. Set minimum size of asymmetric encryption
149. Set minimum size of symmetric encryption
150. Set minimum size for hash functions
181. Transmit data using secure protocols
336. Disable insecure TLS versions
CS_SCHEMA_BY_URL262. Verify third-party components
CS_SERVICE_POINT_MANAGER_DISABLED148. Set minimum size of asymmetric encryption
149. Set minimum size of symmetric encryption
150. Set minimum size for hash functions
181. Transmit data using secure protocols
336. Disable insecure TLS versions
CS_SQL_INJECTION169. Use parameterized queries
173. Discard unsafe inputs
CS_STORED_PASSWORD145. Protect system cryptographic keys
156. Source code without sensitive information
266. Disable insecure functionalities
CS_TYPE_NAME_HANDLING173. Discard unsafe inputs
321. Avoid deserializing untrusted data
CS_UNSAFE_PATH_TRAVERSAL173. Discard unsafe inputs
320. Avoid client-side control enforcement
342. Validate request parameters
CS_UNSAFE_SQL_STATEMENT169. Use parameterized queries
173. Discard unsafe inputs
CS_VERIFY_DECODER032. Avoid session ID leakages
181. Transmit data using secure protocols
CS_VULN_REGEX072. Set maximum response time
327. Set a rate limit
CS_WEAK_CREDENTIAL130. Limit password lifespan
132. Passphrases with at least 4 words
133. Passwords with at least 20 characters
139. Set minimum OTP length
332. Prevent the use of breached passwords
CS_WEAK_PROTOCOL148. Set minimum size of asymmetric encryption
149. Set minimum size of symmetric encryption
150. Set minimum size for hash functions
181. Transmit data using secure protocols
336. Disable insecure TLS versions
CS_XAML_INJECTION173. Discard unsafe inputs.
CS_XML_SERIAL173. Discard unsafe inputs
321. Avoid deserializing untrusted data
CS_XPATH_INJECTION173. Discard unsafe inputs
CS_XPATH_INJECTION_EVALUATE173. Discard unsafe inputs
CS_XSL_TRANSFORM_OBJECT262. Verify third-party components
C_SHARP_ACCEPTS_ANY_MIMETYPE062. Define standard configurations
266. Disable insecure functionalities
349. Include HTTP security headers
C_SHARP_PLAIN_TEXT_KEYS145. Protect system cryptographic keys.
Last updated on