Skip to content

Commit

Permalink
Add summaries and book
Browse files Browse the repository at this point in the history
  • Loading branch information
tsmithv11 committed Jul 31, 2024
1 parent 4cbb664 commit fd189d0
Show file tree
Hide file tree
Showing 3 changed files with 105 additions and 9 deletions.
50 changes: 41 additions & 9 deletions docs/en/enterprise-edition/policy-reference/book.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2935,15 +2935,45 @@ kind: chapter
name: SAST Policies
dir: sast-policies
topics:
- name: SAST Policies
file: sast-policies.adoc
- name: Go policies
dir: go-policies
topics:
- name: SAST Go Policy Index
file: go-policies.adoc
- name: Insecure SSH ignoring host key validation
file: sast-policy-198.adoc
- name: SAST Policies
file: sast-policies.adoc
- name: Go policies
dir: go-policies
topics:
- name: SAST Go Policy Index
file: go-policies.adoc
- name: Insecure SSH ignoring host key validation
file: sast-policy-198.adoc
- name: Weak RSA key length
file: sast-policy-200.adoc
- name: Usage of weak DES encryption algorithms
file: sast-policy-239.adoc
- name: Usage of weak MD5 hashing algorithm
file: sast-policy-240.adoc
- name: Usage of insecure RC4 cipher
file: sast-policy-241.adoc
- name: Usage of insecure SHA1 hashing algorithm
file: sast-policy-242.adoc
- name: Unsafe Go package in use
file: sast-policy-243.adoc
- name: Usage of weak random key generation
file: sast-policy-248.adoc
- name: Excessive directory permissions in Go applications
file: sast-policy-249.adoc
- name: Excessive file modification permissions
file: sast-policy-250.adoc
- name: Use of root directory in HTTP handler
file: sast-policy-253.adoc
- name: Excessive file write permissions
file: sast-policy-254.adoc
- name: Unsecured Creation of Temporary Files
file: sast-policy-255.adoc
- name: Missing HTTP server timeouts
file: sast-policy-256.adoc
- name: Usage of profiling endpoint in production
file: sast-policy-259.adoc
- name: Binding to all network interfaces
file: sast-policy-262.adoc
- name: Java policies
dir: java-policies
topics:
Expand Down Expand Up @@ -3207,6 +3237,8 @@ topics:
file: sast-policy-196.adoc
- name: Unrobust cryptographic keys
file: sast-policy-197.adoc
- name: Risky usage of malicious Polyfill.io library
file: sast-policy-263.adoc
- name: Python policies
dir: python-policies
topics:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,5 +9,65 @@
|CKV3_SAST_198
|LOW

|xref:sast-policy-200.adoc[Weak RSA key length]
|CKV3_SAST_200
|MEDIUM

|xref:sast-policy-239.adoc[Usage of weak DES encryption algorithms]
|CKV3_SAST_239
|MEDIUM

|xref:sast-policy-240.adoc[Usage of weak MD5 hashing algorithm]
|CKV3_SAST_240
|MEDIUM

|xref:sast-policy-241.adoc[Usage of insecure RC4 cipher]
|CKV3_SAST_241
|LOW

|xref:sast-policy-242.adoc[Usage of insecure SHA1 hashing algorithm]
|CKV3_SAST_242
|LOW

|xref:sast-policy-243.adoc[Unsafe Go package in use]
|CKV3_SAST_243
|LOW

|xref:sast-policy-248.adoc[Usage of weak random key generation]
|CKV3_SAST_248
|MEDIUM

|xref:sast-policy-249.adoc[Excessive directory permissions in Go applications]
|CKV3_SAST_249
|MEDIUM

|xref:sast-policy-250.adoc[Excessive file modification permissions]
|CKV3_SAST_250
|MEDIUM

|xref:sast-policy-253.adoc[Use of root directory in HTTP handler]
|CKV3_SAST_253
|MEDIUM

|xref:sast-policy-254.adoc[Excessive file write permissions]
|CKV3_SAST_254
|MEDIUM

|xref:sast-policy-255.adoc[Unsecured Creation of Temporary Files]
|CKV3_SAST_255
|MEDIUM

|xref:sast-policy-256.adoc[Missing HTTP server timeouts]
|CKV3_SAST_256
|MEDIUM

|xref:sast-policy-259.adoc[Usage of profiling endpoint in production]
|CKV3_SAST_259
|HIGH

|xref:sast-policy-262.adoc[Binding to all network interfaces]
|CKV3_SAST_262
|MEDIUM


|===
Original file line number Diff line number Diff line change
Expand Up @@ -197,5 +197,9 @@
|CKV3_SAST_197
|MEDIUM

|xref:sast-policy-263.adoc[Risky usage of malicious Polyfill.io library]
|CKV3_SAST_197
|MEDIUM


|===

0 comments on commit fd189d0

Please sign in to comment.