简体繁体中英

owasp sensitive data prevention in java

原文 2016-04-25 07:46:40 5 1 java/ owasp

owasp sensitive data prevention in java

In my code I wrote following line and got A6-Sensitive Data Exposure- Heap Inspection

private String password;

How should I change this code for owasp sensitive data prevention in java?

1 answers

Still not clear which tool gave you this warning at this line (it is unlikely that it was the dependency check). I can only guess the tool wants passwords to be stored in a char[] rather than a String .

The reasoning is that you can overwrite the password with blanks if it is no longer needed and therefore minimise the chance that it shows up in heap dumps.

Java - store sensitive data

Encrypting sensitive application data in Java

Sensitive data in java heap dumps

Java JNI stackfall prevention

Java Window Duplication Prevention

Storing/Reading sensitive data from Java program

Storing sensitive data in java(android) at runtime

Passing sensitive data from C to Java

Hide sensitive data in an association relationship in java @JsonProperty

Java: Owasp AntiSamy vs Owasp-java-html-sanitize

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Java - store sensitive data Encrypting sensitive application data in Java Sensitive data in java heap dumps Java JNI stackfall prevention Java Window Duplication Prevention Storing/Reading sensitive data from Java program Storing sensitive data in java(android) at runtime Passing sensitive data from C to Java Hide sensitive data in an association relationship in java @JsonProperty Java: Owasp AntiSamy vs Owasp-java-html-sanitize

Related Tags

owasp sensitive data prevention in java

Question

1 answers

solution1 0 2016-04-25 08:51:53

solution1
0 2016-04-25 08:51:53