CS_CERT_VALIDATION_DISABLED | 158. Use a secure programming language. |
CS_CHECK_HASHES_SALT | 266. Disable insecure functionalities. |
CS_CONFLICTING_ANNOTATIONS | 158. Use a secure programming language. |
CS_CREATE_TEMP_FILE | 095. Define users with privileges 096. Set user's required privileges 186. Use the principle of least privilege |
CS_DISABLED_HTTP_HEADER_CHECK | 266. Disable insecure functionalities |
CS_DISABLED_STRONG_CRYPTO | 148. Set minimum size of asymmetric encryption 149. Set minimum size of symmetric encryption 150. Set minimum size for hash functions 181. Transmit data using secure protocols 336. Disable insecure TLS versions |
CS_HARDCODED_SYMMETRIC_KEY | 148. Set minimum size of asymmetric encryption 149. Set minimum size of symmetric encryption 150. Set minimum size for hash functions 181. Transmit data using secure protocols 336. Disable insecure TLS versions |
CS_HAS_PUBLIC_CACHE_HEADER | 062. Define standard configurations 177. Avoid caching and temporary files 266. Disable insecure functionalities 349. Include HTTP security headers |
CS_HTTPCLIENT_NO_REVOCATION_LIST | 148. Set minimum size of asymmetric encryption 149. Set minimum size of symmetric encryption 150. Set minimum size for hash functions 181. Transmit data using secure protocols 336. Disable insecure TLS versions |
CS_INFO_LEAK_ERRORS | 077. Avoid disclosing technical information 176. Restrict system objects |
CS_INSECURE_ASSEMBLY_LOAD | 040. Compare file format and extension 041. Scan files for malicious code |
CS_INSECURE_AUTHENTICATION | 030. Avoid object reutilization 228. Authenticate using standard protocols 319. Make authentication options equally secure |
CS_INSECURE_CERTIFICATE_VALIDATION | 266. Disable insecure functionalities |
CS_INSECURE_CHANNEL | 181. Transmit data using secure protocols |
CS_INSECURE_CIPHER | 148. Set minimum size of asymmetric encryption 149. Set minimum size of symmetric encryption 150. Set minimum size for hash functions 181. Transmit data using secure protocols 336. Disable insecure TLS versions |
CS_INSECURE_CORS | 062. Define standard configurations 266. Disable insecure functionalities 349. Include HTTP security headers |
CS_INSECURE_CORS_ORIGIN | 062. Define standard configurations 266. Disable insecure functionalities 349. Include HTTP security headers |
CS_INSECURE_DESERIAL | 173. Discard unsafe inputs 321. Avoid deserializing untrusted data |
CS_INSECURE_HASH | 148. Set minimum size of asymmetric encryption 149. Set minimum size of symmetric encryption 150. Set minimum size for hash functions 181. Transmit data using secure protocols 336. Disable insecure TLS versions |
CS_INSECURE_KEYS | 148. Set minimum size of asymmetric encryption 149. Set minimum size of symmetric encryption 150. Set minimum size for hash functions 181. Transmit data using secure protocols 336. Disable insecure TLS versions |
CS_INSECURE_LOGGING | 080. Prevent log modification 173. Discard unsafe inputs |
CS_INSECURE_SHARED_ACCESS_PROTOCOL | 148. Set minimum size of asymmetric encryption 149. Set minimum size of symmetric encryption 150. Set minimum size for hash functions 181. Transmit data using secure protocols 336. Disable insecure TLS versions |
CS_INSEC_ADDHEADER_WRITE | 029. Cookies with security attributes 173. Discard unsafe inputs |
CS_INSEC_COOKIES | 029. Cookies with security attributes |
CS_INSEC_CREATE | 173. Discard unsafe inputs 324. Control redirects |
CS_JS_DESERIALIZATION | 173. Discard unsafe inputs 321. Avoid deserializing untrusted data |
CS_JWT_SIGNED | 032. Avoid session ID leakages 181. Transmit data using secure protocols |
CS_LDAP_CONN_AUTH | 266. Disable insecure functionalities. |
CS_LDAP_INJECTION | 173. Discard unsafe inputs. |
CS_MANAGED_SECURE_MODE | 148. Set minimum size of asymmetric encryption 149. Set minimum size of symmetric encryption 150. Set minimum size for hash functions 181. Transmit data using secure protocols 336. Disable insecure TLS versions |
CS_OBSOLETE_KEY_DERIVATION | 148. Set minimum size of asymmetric encryption 149. Set minimum size of symmetric encryption 150. Set minimum size for hash functions 181. Transmit data using secure protocols 336. Disable insecure TLS versions |
CS_OPEN_REDIRECT | 173. Discard unsafe inputs 320. Avoid client-side control enforcement 342. Validate request parameters |
CS_OVERRIDE_AUTH_MODIFIER | 142. Change system default credentials 264. Request authentication 265. Restrict access to critical processes 266. Disable insecure functionalities 319. Make authentication options equally secure |
CS_PATH_INJECTION | 037. Parameters without sensitive data 320. Avoid client-side control enforcement |
CS_REGEX_INJECTION | 072. Set maximum response time 327. Set a rate limit |
CS_REMOTE_COMMAND_EXECUTION | 173. Discard unsafe inputs 265. Restrict access to critical processes 266. Disable insecure functionalities |
CS_RSA_SECURE_MODE | 148. Set minimum size of asymmetric encryption 149. Set minimum size of symmetric encryption 150. Set minimum size for hash functions 181. Transmit data using secure protocols 336. Disable insecure TLS versions |
CS_SCHEMA_BY_URL | 262. Verify third-party components |
CS_SERVICE_POINT_MANAGER_DISABLED | 148. Set minimum size of asymmetric encryption 149. Set minimum size of symmetric encryption 150. Set minimum size for hash functions 181. Transmit data using secure protocols 336. Disable insecure TLS versions |
CS_SQL_INJECTION | 169. Use parameterized queries 173. Discard unsafe inputs |
CS_STORED_PASSWORD | 145. Protect system cryptographic keys 156. Source code without sensitive information 266. Disable insecure functionalities |
CS_TYPE_NAME_HANDLING | 173. Discard unsafe inputs 321. Avoid deserializing untrusted data |
CS_UNSAFE_PATH_TRAVERSAL | 173. Discard unsafe inputs 320. Avoid client-side control enforcement 342. Validate request parameters |
CS_UNSAFE_SQL_STATEMENT | 169. Use parameterized queries 173. Discard unsafe inputs |
CS_VERIFY_DECODER | 032. Avoid session ID leakages 181. Transmit data using secure protocols |
CS_VULN_REGEX | 072. Set maximum response time 327. Set a rate limit |
CS_WEAK_CREDENTIAL | 130. Limit password lifespan 132. Passphrases with at least 4 words 133. Passwords with at least 20 characters 139. Set minimum OTP length 332. Prevent the use of breached passwords |
CS_WEAK_PROTOCOL | 148. Set minimum size of asymmetric encryption 149. Set minimum size of symmetric encryption 150. Set minimum size for hash functions 181. Transmit data using secure protocols 336. Disable insecure TLS versions |
CS_XAML_INJECTION | 173. Discard unsafe inputs. |
CS_XML_SERIAL | 173. Discard unsafe inputs 321. Avoid deserializing untrusted data |
CS_XPATH_INJECTION | 173. Discard unsafe inputs |
CS_XPATH_INJECTION_EVALUATE | 173. Discard unsafe inputs |
CS_XSL_TRANSFORM_OBJECT | 262. Verify third-party components |
C_SHARP_ACCEPTS_ANY_MIMETYPE | 062. Define standard configurations 266. Disable insecure functionalities 349. Include HTTP security headers |
C_SHARP_PLAIN_TEXT_KEYS | 145. Protect system cryptographic keys. |