CodeAnt AI home page

Dashboard
Dashboard

Demo Call with CEO

Get Started

CodeAnt AI
Setup
Control Center
Pull Request Review
IDE
Compliance
Anti-Patterns
Code Governance
Infrastructure Security Database
Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Csharp
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Go
- Html
- Java
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
- Terraform
- Typescript
  - Angular
  - Aws-cdk
    - Security
    - Security
      - Audit
  - Lang
  - Nestjs
  - Nextjs
  - React
  - Typescript
- Yaml
Open Source
Blogs

Security

Audit

awscdk-bucket-encryption

Add “encryption:

Y.BucketEncryption.KMS_MANAGED" or "encryption:

Y.BucketEncryption.S3_MANAGED” to the bucket props for Bucket construct $X
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-311: Missing Encryption of Sensitive Data
OWASP:
- A03:2017 - Sensitive Data Exposure
- A04:2021 - Insecure Design

aws-cdk-bucket-enforcessl

Bucket $X is not set to enforce encryption-in-transit, if not explictly setting this on the bucket policy - the property “enforceSSL” should be set to true
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-319: Cleartext Transmission of Sensitive Information
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures

awscdk-sqs-unencryptedqueue

Queue

X is missing encryption at rest. Add "encryption:

Y.QueueEncryption.KMS” or “encryption: $Y.QueueEncryption.KMS_MANAGED” to the queue props to enable encryption at rest for the queue.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-311: Missing Encryption of Sensitive Data
OWASP:
- A03:2017 - Sensitive Data Exposure
- A04:2021 - Insecure Design

Security Best practice

twitter linkedin

Powered by Mintlify

Assistant

Responses are generated using AI and may contain mistakes.