diff options
Diffstat (limited to 'exampleSite/content/content-and-customization/00-adding-content/page-skwad/ex-checklist/webappsec/05_commonvuln_UseofCryptography.md')
-rw-r--r-- | exampleSite/content/content-and-customization/00-adding-content/page-skwad/ex-checklist/webappsec/05_commonvuln_UseofCryptography.md | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/exampleSite/content/content-and-customization/00-adding-content/page-skwad/ex-checklist/webappsec/05_commonvuln_UseofCryptography.md b/exampleSite/content/content-and-customization/00-adding-content/page-skwad/ex-checklist/webappsec/05_commonvuln_UseofCryptography.md new file mode 100644 index 0000000..ee42846 --- /dev/null +++ b/exampleSite/content/content-and-customization/00-adding-content/page-skwad/ex-checklist/webappsec/05_commonvuln_UseofCryptography.md @@ -0,0 +1,12 @@ +--- +hidden: true +ignoresearch: true +--- + + +You previously mentioned that your application uses cryptography to ensure the confidentiality and/or integrity of information. That's great! But we want to make sure you're using cryptography correctly. + +Note: when using cryptography, make sure algorithms are used in the right context and within appropriate constraints. For example, encrypting a session ID does not prevent an attacker from manipulating it. Similarly, a signature does not protect a message's confidentiality. + +**Describe your use of cryptography (what information is encrypted/signed, how, why, what algorithms are used, etc.). Be as specific and precise as possible:** +{{<c/text "webvuln_crypto_details" multi />}} |