Products Book A Demo Contact Us

Products Book A Demo Contact Us

Sec1 Documentation
Quick Start
Integration with Sec1
External Integrations
Static Application Security Testing
- SAST Java Rules
- SAST JavaScript Rules
SBOM Scanner
- Config
- Scan
CISO Console
Pricing & Billing
CVE API

Powered by GitBook

On this page

Overview
Description
Remediation Guidelines
References
Configuration

Static Application Security Testing

SAST JavaScript Rules

Leakage of sensitive data to Datadog RUM

PreviousLeakage of sensitive data to Bugsnag NextLeakage of sensitive data to Datadog

Last updated 8 months ago

Overview

Rule ID: javascript_third_parties_datadog_browser
Applicable Languages: Javascript
Weakness ID: CWE-201

Description

Sensitive and private data on your pages may be sent to Datadog to identify elements with which a user interacted.

Remediation Guidelines

Control the information sent to Datadog by either manually setting an action name or applying a global scrubbing rule in the Datadog Browser SDK for RUM.

References

Configuration

To omit this rule during a scan, and to provide you with continuous 24/7 code-level scanning, you can employ our

Datadog docs

Scrubbing data

OWASP logging cheat sheet

CWE-201: Insertion of Sensitive Information Into Sent Data

OWASP Top 10: A01:2021 - Broken Access Control