CRYPTOGRAPHY (CR6)
Romain can read and modify unencrypted data in memory or in transit (e.g. cryptographic secrets, credentials, session identifiers, personal and commercially-sensitive data), in use or in communications within the application, or between the application and users, or between the application and external systems
Romain can read and modify unencrypted data in memory or in transit (e.g. cryptographic secrets, credentials, session identifiers, personal and commercially-sensitive data), in use or in communications within the application, or between the application and users, or between the application and external systems
OWASP SCP
36,37,143,146,147
OWASP ASVS
1.9.1,2.2.5,2.5.1,8.3.4,8.3.6,9.1.3,9.2.2
OWASP AppSensor
CAPEC
-
SAFECODE
29
NB: The key concept for this card is lack of encryption of data in transit and/or in memory.
Mappings
OWASP ASVS (4.0): 1.9.1 ,2.2.5 ,2.5.1 ,8.3.4 ,8.3.6 ,9.1.3 ,9.2.2
Capec: 31 ,57 ,102 ,157 ,158 ,384 ,466 ,546
OWASP SCP: 36,37,143,146,147
OWASP Appsensor:
Safecode: 29
ASVS (4.0) Cheatsheetseries Index
ASVS V1.9 - Communications Architectural Requirements
ASVS V2.2 - General Authenticator Requirements
ASVS V2.5 - Credential Recovery Requirements
ASVS V8.3 - Sensitive Private Data
ASVS V9.1 - Communications Security Requirements
ASVS V9.2 - Server Communications Security Requirements
No suitable mappings were found.
