Products Book A Demo Contact Us

Products Book A Demo Contact Us

Sec1 Documentation
Quick Start
Integration with Sec1
External Integrations
Static Application Security Testing
- SAST Java Rules
- SAST JavaScript Rules
SBOM Scanner
- Config
- Scan
CISO Console
Pricing & Billing
CVE API

Powered by GitBook

On this page

Overview
Description
Remediation Guidelines
References
Configuration

Static Application Security Testing

SAST JavaScript Rules

Leakage of sensitive data to New Relic

Overview

Rule ID: javascript_third_parties_new_relic
Applicable Languages: Javascript
Weakness ID: CWE-201

Description

Exposing sensitive data to third-party loggers such as New Relic is a frequent cause of data leaks and can result in data breaches.

Remediation Guidelines

Do ensure all sensitive data is removed when sending data to third-party loggers like New Relic

References

New Relic Docs
Log obfuscation
CWE-201: Insertion of Sensitive Information Into Sent Data
OWASP Top 10: A01:2021 - Broken Access Control

Configuration

To omit this rule during a scan, and to provide you with continuous 24/7 code-level scanning, you can employ our SAST TOOL

PreviousLeakage of sensitive data to HoneyBadger NextLeakage of sensitive data to OpenTelemetry

Last updated 8 months ago