> ## Documentation Index
> Fetch the complete documentation index at: https://docs.codeant.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# ATS consider pinning

<AccordionGroup>
  <Accordion title="ATS-consider-pinning">
    The application's App Transport Security (ATS) configuration does not leverage the in-built public key pinning mechanisms. The application should consider leverage ATS public key pinning to ensure that the application only communicates to serves with an allow-listed certificate (and public key). By default the device will allow connections if the default trust store (CA store) posesses the right certificates. The number of accepted Certificate Authorities by default is hundreds. Using public key pinning vastly reduces the attack surface.<br />**Likelihood**: LOW<br />**Confidence**: HIGH<br />**CWE**: <br />- C
    <br />- W
    <br />- E
    <br />- -
    <br />- 2
    <br />- 9
    <br />- 6
    <br />- :
    <br />-\
    <br />- I
    <br />- m
    <br />- p
    <br />- r
    <br />- o
    <br />- p
    <br />- e
    <br />- r
    <br />-\
    <br />- F
    <br />- o
    <br />- l
    <br />- l
    <br />- o
    <br />- w
    <br />- i
    <br />- n
    <br />- g
    <br />-\
    <br />- o
    <br />- f
    <br />-\
    <br />- a
    <br />-\
    <br />- C
    <br />- e
    <br />- r
    <br />- t
    <br />- i
    <br />- f
    <br />- i
    <br />- c
    <br />- a
    <br />- t
    <br />- e
    <br />- '
    <br />- s
    <br />-\
    <br />- C
    <br />- h
    <br />- a
    <br />- i
    <br />- n
    <br />-\
    <br />- o
    <br />- f
    <br />-\
    <br />- T
    <br />- r
    <br />- u
    <br />- s
    <br />- t
  </Accordion>
</AccordionGroup>