CodeAnt AI home pagelight logodark logo
  • Dashboard
  • Dashboard
  • Documentation
  • Demo Call with CEO
  • Blog
  • Slack
  • Get Started
    • CodeAnt AI
    • Setup
    • Control Center
    • Pull Request Review
    • IDE
    • Compliance
    • Anti-Patterns
    • Code Governance
    • Infrastructure Security Database
    • Application Security Database
      • Apex
      • Bash
      • C
      • Clojure
      • Cpp
      • Csharp
      • Dockerfile
      • Elixir
      • Fingerprints
      • Generic
      • Go
      • Html
      • Java
      • Javascript
      • Json
      • Kotlin
      • Ocaml
      • Php
      • Problem-based-packs
      • Python
      • Ruby
      • Rust
      • Scala
      • Solidity
      • Swift
        • Biometrics-and-auth
        • Commoncrypto
        • Cryptoswift
        • Insecure-communication
          • Ats
            • Ats-ct
              • ATS consider ct
            • Ats-insecure-website-load
            • Ats-load
            • Ats-local
            • Ats-media-load
            • Ats-pfs
            • Ats-pinning
            • Ats-pins
            • Ats-tls
          • Sect
        • Lang
        • Pathtraversal
        • Sql
        • Sqllite
        • Webview
        • Webview
      • Terraform
      • Typescript
      • Yaml
    Ats-ct

    ATS consider ct

    The application’s App Transport Security (ATS) configuration does not leverage the Certificate Transparency option. By opting in for Certificate Transparency (CT), rogue CA or compromised CA issued certificates may be identified and blocked, creating a more reliably secure TLS channel.
    Likelihood: LOW
    Confidence: HIGH
    CWE:
    - C
    - W
    - E
    - -
    - 2
    - 9
    - 5
    - :
    -

    - I
    - m
    - p
    - r
    - o
    - p
    - e
    - r
    -

    - C
    - e
    - r
    - t
    - i
    - f
    - i
    - c
    - a
    - t
    - e
    -

    - V
    - a
    - l
    - i
    - d
    - a
    - t
    - i
    - o
    - n
    OWASP:
    - A03:2017 - Sensitive Data Exposure
    - A07:2021 - Identification and Authentication Failures

    Scrypt hardcoded secretATS insecure webview loads
    twitterlinkedin
    Powered by Mintlify
    Assistant
    Responses are generated using AI and may contain mistakes.