CodeAnt AI home pagelight logodark logo
  • Support
  • Dashboard
  • Dashboard
  • Join Community
Start Here
  • What is CodeAnt?
Setup
  • Github
  • Bitbucket
  • Gitlab
  • Azure Devops
Products
  • Control Center
  • Pull Request Review
  • Compliance
  • Anti-Patterns
  • Code Governance
  • Infrastructure Security Database
  • Application Security Database
    • Apex
      • Lang
        • Best-practice
        • Performance
        • Security
          • Ncino
            • Dml
            • Encryption
            • Endpoints
            • Injection
            • Sharing
            • System
    • Bash
    • C
    • Clojure
    • Cpp
    • Csharp
    • Dockerfile
    • Elixir
    • Fingerprints
    • Generic
    • Go
    • Html
    • Java
    • Javascript
    • Json
    • Kotlin
    • Ocaml
    • Php
    • Problem-based-packs
    • Python
    • Ruby
    • Rust
    • Scala
    • Solidity
    • Swift
    • Terraform
    • Typescript
    • Yaml
IDE
  • Setup
  • Review
  • Enhancements
Cloud Security
  • AWS
  • GCP
  • Azure
Resources
  • Open Source
  • Blogs
Ncino

Endpoints

insecure-http-request

The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-319: Cleartext Transmission of Sensitive Information

named-credentials-string-match

Named Credentials (and callout endpoints) should be used instead of hard-coding credentials. 1. Hard-coded credentials are hard to maintain when mixed in with application code. 2. It is particularly hard to update hard-coded credentials when they are used amongst different classes. 3. Granting a developer access to the codebase means granting knowledge of credentials, and thus keeping a two-level access is not possible. 4. Using different credentials for different environments is troublesome and error-prone.
Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-540: Inclusion of Sensitive Information in Source Code

named-credentials-constant-match

Named Credentials (and callout endpoints) should be used instead of hard-coding credentials. 1. Hard-coded credentials are hard to maintain when mixed in with application code. 2. It is particularly hard to update hard-coded credentials when they are used amongst different classes. 3. Granting a developer access to the codebase means granting knowledge of credentials, and thus keeping a two-level access is not possible. 4. Using different credentials for different environments is troublesome and error-prone.
Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-540: Inclusion of Sensitive Information in Source Code
EncryptionInjection
twitterlinkedin
Powered by Mintlify
Assistant
Responses are generated using AI and may contain mistakes.