You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Page 31 - The Malicious Code Section wording as a bit difficult to read, wordy
We should try to use positive wording
Examples:
V13.1 Verify that no malicious code is in any code that was either developed or modified in order to create the application.
V13.3 Verify that all code implementing or using authentication controls is not affected by any malicious code.
V13.6 Verify that all input validation controls are not affected by any malicious code.
V13.7 Verify that all code implementing or using output validation controls is not affected by any malicious code.
Possible Solutions:
13.1 Verify that the code used to develop or create the application is free of malicious code.
13.3 Verify that malicious code cannot affect code that implements or uses authentication controls
13.6 Verify that malicious code cannot affect input validation controls.
13.7 Verify that malicious code cannot affect code that implements or uses output validation controls.
“Affect” may be changed to, “interact with” or “impact”
The text was updated successfully, but these errors were encountered:
Page 31 - The Malicious Code Section wording as a bit difficult to read, wordy
We should try to use positive wording
Examples:
V13.1 Verify that no malicious code is in any code that was either developed or modified in order to create the application.
V13.3 Verify that all code implementing or using authentication controls is not affected by any malicious code.
V13.6 Verify that all input validation controls are not affected by any malicious code.
V13.7 Verify that all code implementing or using output validation controls is not affected by any malicious code.
Possible Solutions:
13.1 Verify that the code used to develop or create the application is free of malicious code.
13.3 Verify that malicious code cannot affect code that implements or uses authentication controls
13.6 Verify that malicious code cannot affect input validation controls.
13.7 Verify that malicious code cannot affect code that implements or uses output validation controls.
“Affect” may be changed to, “interact with” or “impact”
The text was updated successfully, but these errors were encountered: