From fd189d0568f19f141f6a0bf3f2b79ef35aa3824a Mon Sep 17 00:00:00 2001
From: Taylor
Date: Wed, 31 Jul 2024 10:40:12 -0700
Subject: [PATCH] Add summaries and book
---
 .../policy-reference/book.yml | 50 +++++++++++++---
 .../go-policies/go-policies.adoc | 60 +++++++++++++++++++
 .../javascript-policies.adoc | 4 ++
 3 files changed, 105 insertions(+), 9 deletions(-)
diff --git a/docs/en/enterprise-edition/policy-reference/book.yml b/docs/en/enterprise-edition/policy-reference/book.yml
index e80e1f775a..45af5c9dd1 100644
--- a/docs/en/enterprise-edition/policy-reference/book.yml
+++ b/docs/en/enterprise-edition/policy-reference/book.yml
@@ -2935,15 +2935,45 @@ kind: chapter
 name: SAST Policies
 dir: sast-policies
 topics:
- - name: SAST Policies
- file: sast-policies.adoc
- - name: Go policies
- dir: go-policies
- topics:
- - name: SAST Go Policy Index
- file: go-policies.adoc
- - name: Insecure SSH ignoring host key validation
- file: sast-policy-198.adoc
+- name: SAST Policies
+ file: sast-policies.adoc
+- name: Go policies
+ dir: go-policies
+ topics:
+ - name: SAST Go Policy Index
+ file: go-policies.adoc
+ - name: Insecure SSH ignoring host key validation
+ file: sast-policy-198.adoc
+ - name: Weak RSA key length
+ file: sast-policy-200.adoc
+ - name: Usage of weak DES encryption algorithms
+ file: sast-policy-239.adoc
+ - name: Usage of weak MD5 hashing algorithm
+ file: sast-policy-240.adoc
+ - name: Usage of insecure RC4 cipher
+ file: sast-policy-241.adoc
+ - name: Usage of insecure SHA1 hashing algorithm
+ file: sast-policy-242.adoc
+ - name: Unsafe Go package in use
+ file: sast-policy-243.adoc
+ - name: Usage of weak random key generation
+ file: sast-policy-248.adoc
+ - name: Excessive directory permissions in Go applications
+ file: sast-policy-249.adoc
+ - name: Excessive file modification permissions
+ file: sast-policy-250.adoc
+ - name: Use of root directory in HTTP handler
+ file: sast-policy-253.adoc
+ - name: Excessive file write permissions
+ file: sast-policy-254.adoc
+ - name: Unsecured Creation of Temporary Files
+ file: sast-policy-255.adoc
+ - name: Missing HTTP server timeouts
+ file: sast-policy-256.adoc
+ - name: Usage of profiling endpoint in production
+ file: sast-policy-259.adoc
+ - name: Binding to all network interfaces
+ file: sast-policy-262.adoc
 - name: Java policies
 dir: java-policies
 topics:
@@ -3207,6 +3237,8 @@ topics:
 file: sast-policy-196.adoc
 - name: Unrobust cryptographic keys
 file: sast-policy-197.adoc
+ - name: Risky usage of malicious Polyfill.io library
+ file: sast-policy-263.adoc
 - name: Python policies
 dir: python-policies
 topics:
diff --git a/docs/en/enterprise-edition/policy-reference/sast-policies/go-policies/go-policies.adoc b/docs/en/enterprise-edition/policy-reference/sast-policies/go-policies/go-policies.adoc index 5df975d790..aaf4585718 100644 --- a/docs/en/enterprise-edition/policy-reference/sast-policies/go-policies/go-policies.adoc +++ b/docs/en/enterprise-edition/policy-reference/sast-policies/go-policies/go-policies.adoc @@ -9,5 +9,65 @@ |CKV3_SAST_198 |LOW +|xref:sast-policy-200.adoc[Weak RSA key length] +|CKV3_SAST_200 +|MEDIUM + +|xref:sast-policy-239.adoc[Usage of weak DES encryption algorithms] +|CKV3_SAST_239 +|MEDIUM + +|xref:sast-policy-240.adoc[Usage of weak MD5 hashing algorithm] +|CKV3_SAST_240 +|MEDIUM + +|xref:sast-policy-241.adoc[Usage of insecure RC4 cipher] +|CKV3_SAST_241 +|LOW + +|xref:sast-policy-242.adoc[Usage of insecure SHA1 hashing algorithm] +|CKV3_SAST_242 +|LOW + +|xref:sast-policy-243.adoc[Unsafe Go package in use] +|CKV3_SAST_243 +|LOW + +|xref:sast-policy-248.adoc[Usage of weak random key generation] +|CKV3_SAST_248 +|MEDIUM + +|xref:sast-policy-249.adoc[Excessive directory permissions in Go applications] +|CKV3_SAST_249 +|MEDIUM + +|xref:sast-policy-250.adoc[Excessive file modification permissions] +|CKV3_SAST_250 +|MEDIUM + +|xref:sast-policy-253.adoc[Use of root directory in HTTP handler] +|CKV3_SAST_253 +|MEDIUM + +|xref:sast-policy-254.adoc[Excessive file write permissions] +|CKV3_SAST_254 +|MEDIUM + +|xref:sast-policy-255.adoc[Unsecured Creation of Temporary Files] +|CKV3_SAST_255 +|MEDIUM + +|xref:sast-policy-256.adoc[Missing HTTP server timeouts] +|CKV3_SAST_256 +|MEDIUM + +|xref:sast-policy-259.adoc[Usage of profiling endpoint in production] +|CKV3_SAST_259 +|HIGH + +|xref:sast-policy-262.adoc[Binding to all network interfaces] +|CKV3_SAST_262 +|MEDIUM + |=== \ No newline at end of file 
diff --git a/docs/en/enterprise-edition/policy-reference/sast-policies/javascript-policies/javascript-policies.adoc b/docs/en/enterprise-edition/policy-reference/sast-policies/javascript-policies/javascript-policies.adoc index 489f97754d..2553766790 100644 --- a/docs/en/enterprise-edition/policy-reference/sast-policies/javascript-policies/javascript-policies.adoc +++ b/docs/en/enterprise-edition/policy-reference/sast-policies/javascript-policies/javascript-policies.adoc @@ -197,5 +197,9 @@ |CKV3_SAST_197 |MEDIUM +|xref:sast-policy-263.adoc[Risky usage of malicious Polyfill.io library] +|CKV3_SAST_197 +|MEDIUM + |=== \ No newline at end of file
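Review bot: The added Polyfill.io row in javascript-policies.adoc carries `|CKV3_SAST_197`, the same ID as the row directly above it, although its xref targets `sast-policy-263.adoc`. Every row added to go-policies.adoc in this commit pairs the file number with the ID (for example `sast-policy-262.adoc` with `CKV3_SAST_262`), so this looks like a copy-paste slip and the line should presumably read `|CKV3_SAST_263`. A duplicated ID in the index matters because readers use it to match scanner findings and suppressions to the right policy page. The `|MEDIUM` severity on the next line may have been copied from the same row, so it is worth confirming against the policy page, which is not part of this diff.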