@zerothreatai/vulnerability-registry 5.0.0 → 7.0.0
- package/dist/compliance-codes.d.ts +207 -0
- package/dist/compliance-codes.js +213 -0
- package/dist/compliances/gdpr.d.ts +2 -0
- package/dist/compliances/gdpr.js +252 -0
- package/dist/compliances/helpers.d.ts +6 -0
- package/dist/compliances/helpers.js +12 -0
- package/dist/compliances/hipaa.d.ts +2 -0
- package/dist/compliances/hipaa.js +187 -0
- package/dist/compliances/index.d.ts +5 -0
- package/dist/compliances/index.js +5 -0
- package/dist/compliances/owasp.d.ts +2 -0
- package/dist/compliances/owasp.js +127 -0
- package/dist/compliances/pci-dss.d.ts +2 -0
- package/dist/compliances/pci-dss.js +260 -0
- package/dist/compliances/sans-top-25.d.ts +2 -0
- package/dist/compliances/sans-top-25.js +242 -0
- package/dist/index.d.ts +7 -1
- package/dist/index.js +7 -1
- package/dist/types.d.ts +33 -0
- package/dist/types.js +11 -1
- package/dist-cjs/compliance-codes.js +216 -0
- package/dist-cjs/compliances/gdpr.js +255 -0
- package/dist-cjs/compliances/helpers.js +20 -0
- package/dist-cjs/compliances/hipaa.js +190 -0
- package/dist-cjs/compliances/index.js +13 -0
- package/dist-cjs/compliances/owasp.js +130 -0
- package/dist-cjs/compliances/pci-dss.js +263 -0
- package/dist-cjs/compliances/sans-top-25.js +245 -0
- package/dist-cjs/index.js +12 -1
- package/dist-cjs/types.js +12 -0
- package/package.json +6 -1
- package/src/compliance-codes.ts +216 -0
- package/src/compliances/README.md +82 -0
- package/src/compliances/gdpr.ts +258 -0
- package/src/compliances/helpers.ts +31 -0
- package/src/compliances/hipaa.ts +193 -0
- package/src/compliances/index.ts +5 -0
- package/src/compliances/owasp.ts +133 -0
- package/src/compliances/pci-dss.ts +266 -0
- package/src/compliances/sans-top-25.ts +246 -0
- package/src/index.ts +12 -1
- package/src/types.ts +40 -4
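--- a/package/dist/compliance-codes.d.ts
+++ b/package/dist/compliance-codes.d.ts
@@ -0,0 +1,207 @@
+export declare enum ComplianceCode {
+OWASP_A1_BROKEN_ACCESS_CONTROL = "OWASP_A1_BROKEN_ACCESS_CONTROL",
+OWASP_A2_CRYPTOGRAPHIC_FAILURES = "OWASP_A2_CRYPTOGRAPHIC_FAILURES",
+OWASP_A3_INJECTION_FLAWS = "OWASP_A3_INJECTION_FLAWS",
+OWASP_A4_INSECURE_DESIGN = "OWASP_A4_INSECURE_DESIGN",
+OWASP_A5_SECURITY_MISCONFIGURATION = "OWASP_A5_SECURITY_MISCONFIGURATION",
+OWASP_A6_VULNERABLE_OUTDATED_COMPONENTS = "OWASP_A6_VULNERABLE_OUTDATED_COMPONENTS",
+OWASP_A7_IDENTIFICATION_AUTH_FAILURE = "OWASP_A7_IDENTIFICATION_AUTH_FAILURE",
+OWASP_A8_SOFTWARE_DATA_INTEGRITY_FAILURE = "OWASP_A8_SOFTWARE_DATA_INTEGRITY_FAILURE",
+OWASP_A9_LOGGING_MONITORING_FAILURES = "OWASP_A9_LOGGING_MONITORING_FAILURES",
+OWASP_A10_SSRF = "OWASP_A10_SSRF",
+HIPAA_164_105_PROTECT_PRIVATE_HEALTH_INFO = "HIPAA_164_105_PROTECT_PRIVATE_HEALTH_INFO",
+HIPAA_164_306_A_1_KEEP_INFO_SAFE = "HIPAA_164_306_A_1_KEEP_INFO_SAFE",
+HIPAA_164_306_A_2_PROTECT_AGAINST_THREATS = "HIPAA_164_306_A_2_PROTECT_AGAINST_THREATS",
+HIPAA_164_306_A_3_STOP_UNAUTHORIZED_ACCESS = "HIPAA_164_306_A_3_STOP_UNAUTHORIZED_ACCESS",
+HIPAA_164_308_A_1_I_PREVENT_FIX_PROBLEMS = "HIPAA_164_308_A_1_I_PREVENT_FIX_PROBLEMS",
+HIPAA_164_308_A_1_II_B_LOWER_SECURITY_RISKS = "HIPAA_164_308_A_1_II_B_LOWER_SECURITY_RISKS",
+HIPAA_164_308_A_5_II_B_BLOCK_MALWARE = "HIPAA_164_308_A_5_II_B_BLOCK_MALWARE",
+HIPAA_164_308_A_5_II_C_WATCH_LOGINS = "HIPAA_164_308_A_5_II_C_WATCH_LOGINS",
+HIPAA_164_308_A_5_II_D_PROTECT_PASSWORDS = "HIPAA_164_308_A_5_II_D_PROTECT_PASSWORDS",
+HIPAA_164_308_A_7_I_PLAN_EMERGENCIES = "HIPAA_164_308_A_7_I_PLAN_EMERGENCIES",
+HIPAA_164_312_A_1_CONTROL_ACCESS = "HIPAA_164_312_A_1_CONTROL_ACCESS",
+HIPAA_164_312_C_1_PREVENT_CHANGES = "HIPAA_164_312_C_1_PREVENT_CHANGES",
+HIPAA_164_312_D_VERIFY_IDENTITY = "HIPAA_164_312_D_VERIFY_IDENTITY",
+HIPAA_164_312_E_1_PROTECT_ONLINE_INFO = "HIPAA_164_312_E_1_PROTECT_ONLINE_INFO",
+HIPAA_164_312_E_2_I_PREVENT_UNAUTHORIZED_CHANGES = "HIPAA_164_312_E_2_I_PREVENT_UNAUTHORIZED_CHANGES",
+HIPAA_164_312_E_2_II_USE_ENCRYPTION = "HIPAA_164_312_E_2_II_USE_ENCRYPTION",
+HIPAA_164_530_C_2_I_KEEP_INFO_SHARED = "HIPAA_164_530_C_2_I_KEEP_INFO_SHARED",
+GDPR_A_10_1_1_DOCUMENTED_OPERATING_PROCEDURES = "GDPR_A_10_1_1_DOCUMENTED_OPERATING_PROCEDURES",
+GDPR_A_10_1_2_CHANGE_MANAGEMENT = "GDPR_A_10_1_2_CHANGE_MANAGEMENT",
+GDPR_A_10_1_3_SEGREGATION_OF_DUTIES = "GDPR_A_10_1_3_SEGREGATION_OF_DUTIES",
+GDPR_A_10_1_4_SEPARATION_DEV_TEST_OPS = "GDPR_A_10_1_4_SEPARATION_DEV_TEST_OPS",
+GDPR_A_10_2_1_SERVICE_DELIVERY = "GDPR_A_10_2_1_SERVICE_DELIVERY",
+GDPR_A_10_2_2_MONITORING_THIRD_PARTY_SERVICES = "GDPR_A_10_2_2_MONITORING_THIRD_PARTY_SERVICES",
+GDPR_A_10_2_3_MANAGING_CHANGES_THIRD_PARTY = "GDPR_A_10_2_3_MANAGING_CHANGES_THIRD_PARTY",
+GDPR_A_10_3_1_CAPACITY_MANAGEMENT = "GDPR_A_10_3_1_CAPACITY_MANAGEMENT",
+GDPR_A_10_3_2_SYSTEM_ACCEPTANCE = "GDPR_A_10_3_2_SYSTEM_ACCEPTANCE",
+GDPR_A_10_4_1_CONTROLS_AGAINST_MALICIOUS_CODE = "GDPR_A_10_4_1_CONTROLS_AGAINST_MALICIOUS_CODE",
+GDPR_A_10_4_2_CONTROLS_AGAINST_MOBILE_CODE = "GDPR_A_10_4_2_CONTROLS_AGAINST_MOBILE_CODE",
+GDPR_A_10_5_1_INFORMATION_BACK_UP = "GDPR_A_10_5_1_INFORMATION_BACK_UP",
+GDPR_A_10_6_1_NETWORK_CONTROLS = "GDPR_A_10_6_1_NETWORK_CONTROLS",
+GDPR_A_10_6_2_SECURITY_OF_NETWORK_SERVICES = "GDPR_A_10_6_2_SECURITY_OF_NETWORK_SERVICES",
+GDPR_A_10_7_1_MANAGEMENT_REMOVABLE_MEDIA = "GDPR_A_10_7_1_MANAGEMENT_REMOVABLE_MEDIA",
+GDPR_A_10_7_2_DISPOSAL_OF_MEDIA = "GDPR_A_10_7_2_DISPOSAL_OF_MEDIA",
+GDPR_A_10_7_3_INFORMATION_HANDLING_PROCEDURES = "GDPR_A_10_7_3_INFORMATION_HANDLING_PROCEDURES",
+GDPR_A_10_7_4_SECURITY_SYSTEM_DOCUMENTATION = "GDPR_A_10_7_4_SECURITY_SYSTEM_DOCUMENTATION",
+GDPR_A_10_8_1_INFO_EXCHANGE_POLICIES = "GDPR_A_10_8_1_INFO_EXCHANGE_POLICIES",
+GDPR_A_10_8_2_EXCHANGE_AGREEMENTS = "GDPR_A_10_8_2_EXCHANGE_AGREEMENTS",
+GDPR_A_10_8_3_PHYSICAL_MEDIA_IN_TRANSIT = "GDPR_A_10_8_3_PHYSICAL_MEDIA_IN_TRANSIT",
+GDPR_A_10_8_4_ELECTRONIC_MESSAGING = "GDPR_A_10_8_4_ELECTRONIC_MESSAGING",
+GDPR_A_10_8_5_BUSINESS_INFORMATION_SYSTEMS = "GDPR_A_10_8_5_BUSINESS_INFORMATION_SYSTEMS",
+GDPR_A_10_9_1_ELECTRONIC_COMMERCE = "GDPR_A_10_9_1_ELECTRONIC_COMMERCE",
+GDPR_A_10_9_2_ONLINE_TRANSACTIONS = "GDPR_A_10_9_2_ONLINE_TRANSACTIONS",
+GDPR_A_10_9_3_PUBLICLY_AVAILABLE = "GDPR_A_10_9_3_PUBLICLY_AVAILABLE",
+GDPR_A_10_10_1_AUDIT_LOGGING = "GDPR_A_10_10_1_AUDIT_LOGGING",
+GDPR_A_10_10_2_MONITORING_SYSTEM_USE = "GDPR_A_10_10_2_MONITORING_SYSTEM_USE",
+GDPR_A_10_10_3_PROTECTION_OF_LOG_INFORMATION = "GDPR_A_10_10_3_PROTECTION_OF_LOG_INFORMATION",
+GDPR_A_10_10_4_ADMINISTRATOR_OPERATOR_LOGS = "GDPR_A_10_10_4_ADMINISTRATOR_OPERATOR_LOGS",
+GDPR_A_10_10_5_FAULT_LOGGING = "GDPR_A_10_10_5_FAULT_LOGGING",
+GDPR_A_10_10_6_CLOCK_SYNCHRONIZATION = "GDPR_A_10_10_6_CLOCK_SYNCHRONIZATION",
+GDPR_A_11_1_1_ACCESS_CONTROL_POLICY = "GDPR_A_11_1_1_ACCESS_CONTROL_POLICY",
+GDPR_A_11_2_1_USER_REGISTRATION = "GDPR_A_11_2_1_USER_REGISTRATION",
+GDPR_A_11_2_2_PRIVILEGE_MANAGEMENT = "GDPR_A_11_2_2_PRIVILEGE_MANAGEMENT",
+GDPR_A_11_2_3_USER_PASSWORD_MANAGEMENT = "GDPR_A_11_2_3_USER_PASSWORD_MANAGEMENT",
+GDPR_A_11_2_4_REVIEW_USER_ACCESS_RIGHTS = "GDPR_A_11_2_4_REVIEW_USER_ACCESS_RIGHTS",
+GDPR_A_11_3_1_PASSWORD_USE = "GDPR_A_11_3_1_PASSWORD_USE",
+GDPR_A_11_3_2_UNATTENDED_USER_EQUIPMENT = "GDPR_A_11_3_2_UNATTENDED_USER_EQUIPMENT",
+GDPR_A_11_3_3_CLEAR_DESK_SCREEN_POLICY = "GDPR_A_11_3_3_CLEAR_DESK_SCREEN_POLICY",
+GDPR_A_11_4_1_POLICY_USE_NETWORK_SERVICES = "GDPR_A_11_4_1_POLICY_USE_NETWORK_SERVICES",
+GDPR_A_11_4_2_USER_AUTH_EXTERNAL_CONNECTIONS = "GDPR_A_11_4_2_USER_AUTH_EXTERNAL_CONNECTIONS",
+GDPR_A_11_4_3_EQUIPMENT_IDENTIFICATION = "GDPR_A_11_4_3_EQUIPMENT_IDENTIFICATION",
+GDPR_A_11_4_4_REMOTE_DIAGNOSTIC_PORT_PROTECTION = "GDPR_A_11_4_4_REMOTE_DIAGNOSTIC_PORT_PROTECTION",
+GDPR_A_11_4_5_SEGREGATION_IN_NETWORKS = "GDPR_A_11_4_5_SEGREGATION_IN_NETWORKS",
+GDPR_A_11_4_6_NETWORK_CONNECTION_CONTROL = "GDPR_A_11_4_6_NETWORK_CONNECTION_CONTROL",
+GDPR_A_11_4_7_NETWORK_ROUTING_CONTROL = "GDPR_A_11_4_7_NETWORK_ROUTING_CONTROL",
+GDPR_A_11_5_1_SECURE_LOG_ON = "GDPR_A_11_5_1_SECURE_LOG_ON",
+GDPR_A_11_5_2_USER_ID_AND_AUTH = "GDPR_A_11_5_2_USER_ID_AND_AUTH",
+GDPR_A_11_5_3_PASSWORD_MANAGEMENT_SYSTEM = "GDPR_A_11_5_3_PASSWORD_MANAGEMENT_SYSTEM",
+GDPR_A_11_5_4_USE_OF_SYSTEM_UTILITIES = "GDPR_A_11_5_4_USE_OF_SYSTEM_UTILITIES",
+GDPR_A_11_5_5_SESSION_TIMEOUT = "GDPR_A_11_5_5_SESSION_TIMEOUT",
+GDPR_A_11_5_6_LIMITATION_CONNECTION_TIME = "GDPR_A_11_5_6_LIMITATION_CONNECTION_TIME",
+GDPR_A_11_6_1_INFORMATION_ACCESS_RESTRICTION = "GDPR_A_11_6_1_INFORMATION_ACCESS_RESTRICTION",
+GDPR_A_11_6_2_SENSITIVE_SYSTEM_ISOLATION = "GDPR_A_11_6_2_SENSITIVE_SYSTEM_ISOLATION",
+GDPR_A_11_7_1_MOBILE_COMPUTING = "GDPR_A_11_7_1_MOBILE_COMPUTING",
+GDPR_A_11_7_2_TELEWORKING = "GDPR_A_11_7_2_TELEWORKING",
+GDPR_A_12_1_1_SECURITY_REQUIREMENTS_ANALYSIS = "GDPR_A_12_1_1_SECURITY_REQUIREMENTS_ANALYSIS",
+GDPR_A_12_2_1_INPUT_DATA_VALIDATION = "GDPR_A_12_2_1_INPUT_DATA_VALIDATION",
+GDPR_A_12_2_2_CONTROL_INTERNAL_PROCESSING = "GDPR_A_12_2_2_CONTROL_INTERNAL_PROCESSING",
+GDPR_A_12_2_3_MESSAGE_INTEGRITY = "GDPR_A_12_2_3_MESSAGE_INTEGRITY",
+GDPR_A_12_2_4_OUTPUT_DATA_VALIDATION = "GDPR_A_12_2_4_OUTPUT_DATA_VALIDATION",
+GDPR_A_12_3_1_POLICY_CRYPTOGRAPHIC_CONTROLS = "GDPR_A_12_3_1_POLICY_CRYPTOGRAPHIC_CONTROLS",
+GDPR_A_12_3_2_KEY_MANAGEMENT = "GDPR_A_12_3_2_KEY_MANAGEMENT",
+GDPR_A_12_4_1_CONTROL_OPERATIONAL_SOFTWARE = "GDPR_A_12_4_1_CONTROL_OPERATIONAL_SOFTWARE",
+GDPR_A_12_4_2_PROTECTION_SYSTEM_TEST_DATA = "GDPR_A_12_4_2_PROTECTION_SYSTEM_TEST_DATA",
+GDPR_A_12_4_3_ACCESS_CONTROL_SOURCE_CODE = "GDPR_A_12_4_3_ACCESS_CONTROL_SOURCE_CODE",
+GDPR_A_12_5_1_CHANGE_CONTROL_PROCEDURES = "GDPR_A_12_5_1_CHANGE_CONTROL_PROCEDURES",
+GDPR_A_12_5_2_TECHNICAL_REVIEW_APPS = "GDPR_A_12_5_2_TECHNICAL_REVIEW_APPS",
+GDPR_A_12_5_3_RESTRICTIONS_CHANGES_SOFTWARE = "GDPR_A_12_5_3_RESTRICTIONS_CHANGES_SOFTWARE",
+GDPR_A_12_5_4_INFORMATION_LEAKAGE = "GDPR_A_12_5_4_INFORMATION_LEAKAGE",
+GDPR_A_12_5_5_OUTSOURCED_SOFTWARE_DEV = "GDPR_A_12_5_5_OUTSOURCED_SOFTWARE_DEV",
+GDPR_A_12_6_1_CONTROL_TECHNICAL_VULNERABILITIES = "GDPR_A_12_6_1_CONTROL_TECHNICAL_VULNERABILITIES",
+PCI_REQ_1_INSTALL_FIREWALL = "PCI_REQ_1_INSTALL_FIREWALL",
+PCI_REQ_2_1_CHANGE_DEFAULT_PASSWORDS = "PCI_REQ_2_1_CHANGE_DEFAULT_PASSWORDS",
+PCI_REQ_2_2_1_ONE_PRIMARY_FUNCTION = "PCI_REQ_2_2_1_ONE_PRIMARY_FUNCTION",
+PCI_REQ_2_2_2_ENABLE_NECESSARY_SERVICES = "PCI_REQ_2_2_2_ENABLE_NECESSARY_SERVICES",
+PCI_REQ_2_2_3_SECURE_INSECURE_SERVICES = "PCI_REQ_2_2_3_SECURE_INSECURE_SERVICES",
+PCI_REQ_2_2_4_CONFIGURE_SYSTEM_PARAMETERS = "PCI_REQ_2_2_4_CONFIGURE_SYSTEM_PARAMETERS",
+PCI_REQ_2_2_5_STRENGTHEN_INSECURE_SERVICES = "PCI_REQ_2_2_5_STRENGTHEN_INSECURE_SERVICES",
+PCI_REQ_2_3_ENCRYPT_NON_CONSOLE_ADMIN = "PCI_REQ_2_3_ENCRYPT_NON_CONSOLE_ADMIN",
+PCI_REQ_A_1_1_ISOLATE_PROCESSES_CDE = "PCI_REQ_A_1_1_ISOLATE_PROCESSES_CDE",
+PCI_REQ_A_1_2_RESTRICT_ENTITY_ACCESS = "PCI_REQ_A_1_2_RESTRICT_ENTITY_ACCESS",
+PCI_REQ_A_1_3_ENABLE_UNIQUE_LOGGING = "PCI_REQ_A_1_3_ENABLE_UNIQUE_LOGGING",
+PCI_REQ_A_1_4_ENABLE_FORENSIC_INVESTIGATION = "PCI_REQ_A_1_4_ENABLE_FORENSIC_INVESTIGATION",
+PCI_REQ_3_1_MINIMIZE_DATA_STORAGE = "PCI_REQ_3_1_MINIMIZE_DATA_STORAGE",
+PCI_REQ_3_2_1_NO_FULL_TRACK_DATA = "PCI_REQ_3_2_1_NO_FULL_TRACK_DATA",
+PCI_REQ_3_2_2_NO_CVV_STORAGE = "PCI_REQ_3_2_2_NO_CVV_STORAGE",
+PCI_REQ_3_2_3_NO_PIN_STORAGE = "PCI_REQ_3_2_3_NO_PIN_STORAGE",
+PCI_REQ_3_3_MASK_PAN = "PCI_REQ_3_3_MASK_PAN",
+PCI_REQ_3_4_RENDER_PAN_UNREADABLE = "PCI_REQ_3_4_RENDER_PAN_UNREADABLE",
+PCI_REQ_3_5_PROTECT_ENCRYPTION_KEYS = "PCI_REQ_3_5_PROTECT_ENCRYPTION_KEYS",
+PCI_REQ_3_6_KEY_MANAGEMENT_PROCESSES = "PCI_REQ_3_6_KEY_MANAGEMENT_PROCESSES",
+PCI_REQ_3_7_DOCUMENT_POLICIES_STORED_DATA = "PCI_REQ_3_7_DOCUMENT_POLICIES_STORED_DATA",
+PCI_REQ_4_1_STRONG_CRYPTO_TRANSMISSION = "PCI_REQ_4_1_STRONG_CRYPTO_TRANSMISSION",
+PCI_REQ_4_2_NO_UNPROTECTED_PAN_MESSAGING = "PCI_REQ_4_2_NO_UNPROTECTED_PAN_MESSAGING",
+PCI_REQ_4_3_ENCRYPTION_POLICIES_TRANSMISSION = "PCI_REQ_4_3_ENCRYPTION_POLICIES_TRANSMISSION",
+PCI_REQ_5_PROTECT_MALWARE_ANTIVIRUS = "PCI_REQ_5_PROTECT_MALWARE_ANTIVIRUS",
+PCI_REQ_6_1_IDENTIFY_RANK_VULNERABILITIES = "PCI_REQ_6_1_IDENTIFY_RANK_VULNERABILITIES",
+PCI_REQ_6_2_INSTALL_SECURITY_PATCHES = "PCI_REQ_6_2_INSTALL_SECURITY_PATCHES",
+PCI_REQ_6_3_1_SECURE_SOFTWARE_DEVELOPMENT = "PCI_REQ_6_3_1_SECURE_SOFTWARE_DEVELOPMENT",
+PCI_REQ_6_3_2_CODE_REVIEW = "PCI_REQ_6_3_2_CODE_REVIEW",
+PCI_REQ_6_4_1_SEPARATE_DEV_PROD = "PCI_REQ_6_4_1_SEPARATE_DEV_PROD",
+PCI_REQ_6_4_2_SEPARATION_OF_DUTIES = "PCI_REQ_6_4_2_SEPARATION_OF_DUTIES",
+PCI_REQ_6_4_3_NO_LIVE_DATA_TESTING = "PCI_REQ_6_4_3_NO_LIVE_DATA_TESTING",
+PCI_REQ_6_4_4_REMOVE_TEST_DATA = "PCI_REQ_6_4_4_REMOVE_TEST_DATA",
+PCI_REQ_6_5_1_PREVENT_INJECTION = "PCI_REQ_6_5_1_PREVENT_INJECTION",
+PCI_REQ_6_5_2_PREVENT_BUFFER_OVERFLOW = "PCI_REQ_6_5_2_PREVENT_BUFFER_OVERFLOW",
+PCI_REQ_6_5_3_SECURE_CRYPTOGRAPHIC_STORAGE = "PCI_REQ_6_5_3_SECURE_CRYPTOGRAPHIC_STORAGE",
+PCI_REQ_6_5_4_SECURE_COMM_CHANNELS = "PCI_REQ_6_5_4_SECURE_COMM_CHANNELS",
+PCI_REQ_6_5_5_PROPER_ERROR_HANDLING = "PCI_REQ_6_5_5_PROPER_ERROR_HANDLING",
+PCI_REQ_6_5_6_ADDRESS_HIGH_RISK_VULNS = "PCI_REQ_6_5_6_ADDRESS_HIGH_RISK_VULNS",
+PCI_REQ_6_5_7_PREVENT_XSS = "PCI_REQ_6_5_7_PREVENT_XSS",
+PCI_REQ_6_5_8_PREVENT_ACCESS_CONTROL_VULNS = "PCI_REQ_6_5_8_PREVENT_ACCESS_CONTROL_VULNS",
+PCI_REQ_6_5_9_PREVENT_CSRF = "PCI_REQ_6_5_9_PREVENT_CSRF",
+PCI_REQ_6_5_10_PREVENT_BROKEN_AUTH = "PCI_REQ_6_5_10_PREVENT_BROKEN_AUTH",
+PCI_REQ_6_6_PROTECT_PUBLIC_WEB_APPS = "PCI_REQ_6_6_PROTECT_PUBLIC_WEB_APPS",
+PCI_REQ_6_7_DOCUMENT_POLICIES_SECURE_SYSTEMS = "PCI_REQ_6_7_DOCUMENT_POLICIES_SECURE_SYSTEMS",
+PCI_REQ_7_RESTRICT_ACCESS_NEED_TO_KNOW = "PCI_REQ_7_RESTRICT_ACCESS_NEED_TO_KNOW",
+PCI_REQ_7_1_1_DEFINE_ROLE_BASED_ACCESS = "PCI_REQ_7_1_1_DEFINE_ROLE_BASED_ACCESS",
+PCI_REQ_7_1_2_RESTRICT_PRIVILEGED_USER = "PCI_REQ_7_1_2_RESTRICT_PRIVILEGED_USER",
+PCI_REQ_7_1_3_ASSIGN_ACCESS_BY_ROLE = "PCI_REQ_7_1_3_ASSIGN_ACCESS_BY_ROLE",
+PCI_REQ_7_1_4_DOCUMENTED_APPROVAL = "PCI_REQ_7_1_4_DOCUMENTED_APPROVAL",
+PCI_REQ_7_2_ACCESS_CONTROL_NEED_TO_KNOW = "PCI_REQ_7_2_ACCESS_CONTROL_NEED_TO_KNOW",
+PCI_REQ_7_3_DOCUMENT_POLICIES_CARDHOLDER_DATA = "PCI_REQ_7_3_DOCUMENT_POLICIES_CARDHOLDER_DATA",
+PCI_REQ_8_1_1_ASSIGN_UNIQUE_IDS = "PCI_REQ_8_1_1_ASSIGN_UNIQUE_IDS",
+PCI_REQ_8_1_2_CONTROL_USER_ID_MANAGEMENT = "PCI_REQ_8_1_2_CONTROL_USER_ID_MANAGEMENT",
+PCI_REQ_8_1_3_REVOKE_TERMINATED_USERS = "PCI_REQ_8_1_3_REVOKE_TERMINATED_USERS",
+PCI_REQ_8_1_4_REMOVE_INACTIVE_ACCOUNTS = "PCI_REQ_8_1_4_REMOVE_INACTIVE_ACCOUNTS",
+PCI_REQ_8_1_5_MANAGE_THIRD_PARTY_IDS = "PCI_REQ_8_1_5_MANAGE_THIRD_PARTY_IDS",
+PCI_REQ_8_1_6_LIMIT_REPEATED_ACCESS_ATTEMPTS = "PCI_REQ_8_1_6_LIMIT_REPEATED_ACCESS_ATTEMPTS",
+PCI_REQ_8_1_7_ACCOUNT_LOCKOUT_DURATION = "PCI_REQ_8_1_7_ACCOUNT_LOCKOUT_DURATION",
+PCI_REQ_8_1_8_SESSION_RE_AUTH_IDLE = "PCI_REQ_8_1_8_SESSION_RE_AUTH_IDLE",
+PCI_REQ_8_2_1_ENCRYPT_CREDENTIALS = "PCI_REQ_8_2_1_ENCRYPT_CREDENTIALS",
+PCI_REQ_8_2_2_VERIFY_IDENTITY_BEFORE_CHANGE = "PCI_REQ_8_2_2_VERIFY_IDENTITY_BEFORE_CHANGE",
+PCI_REQ_8_2_3_PASSWORD_STRENGTH = "PCI_REQ_8_2_3_PASSWORD_STRENGTH",
+PCI_REQ_8_2_4_PASSWORD_EXPIRATION = "PCI_REQ_8_2_4_PASSWORD_EXPIRATION",
+PCI_REQ_8_2_5_PASSWORD_REUSE = "PCI_REQ_8_2_5_PASSWORD_REUSE",
+PCI_REQ_8_2_6_UNIQUE_INITIAL_PASSWORD = "PCI_REQ_8_2_6_UNIQUE_INITIAL_PASSWORD",
+PCI_REQ_8_3_SECURE_REMOTE_ACCESS_MFA = "PCI_REQ_8_3_SECURE_REMOTE_ACCESS_MFA",
+PCI_REQ_8_4_DOCUMENT_AUTH_POLICIES = "PCI_REQ_8_4_DOCUMENT_AUTH_POLICIES",
+PCI_REQ_8_5_1_UNIQUE_CREDS_SERVICE_PROVIDERS = "PCI_REQ_8_5_1_UNIQUE_CREDS_SERVICE_PROVIDERS",
+PCI_REQ_8_6_AUTH_MECHANISMS_INDIVIDUAL = "PCI_REQ_8_6_AUTH_MECHANISMS_INDIVIDUAL",
+PCI_REQ_8_7_RESTRICT_DB_ACCESS = "PCI_REQ_8_7_RESTRICT_DB_ACCESS",
+PCI_REQ_8_8_DOCUMENT_AUTH_POLICIES_COMM = "PCI_REQ_8_8_DOCUMENT_AUTH_POLICIES_COMM",
+PCI_REQ_9_RESTRICT_PHYSICAL_ACCESS = "PCI_REQ_9_RESTRICT_PHYSICAL_ACCESS",
+PCI_REQ_10_4_SYNCHRONIZE_CLOCKS = "PCI_REQ_10_4_SYNCHRONIZE_CLOCKS",
+PCI_REQ_10_5_SECURE_AUDIT_TRAILS = "PCI_REQ_10_5_SECURE_AUDIT_TRAILS",
+PCI_REQ_10_6_REVIEW_LOGS = "PCI_REQ_10_6_REVIEW_LOGS",
+PCI_REQ_10_7_RETAIN_AUDIT_TRAIL = "PCI_REQ_10_7_RETAIN_AUDIT_TRAIL",
+PCI_REQ_10_9_DOCUMENT_ACCESS_MONITORING = "PCI_REQ_10_9_DOCUMENT_ACCESS_MONITORING",
+PCI_REQ_11_REGULAR_TESTING = "PCI_REQ_11_REGULAR_TESTING",
+PCI_REQ_12_INFO_SEC_POLICY = "PCI_REQ_12_INFO_SEC_POLICY",
+SANS_TOP_25_CWE_79_XSS = "SANS_TOP_25_CWE_79_XSS",
+SANS_TOP_25_CWE_787_OOB_WRITE = "SANS_TOP_25_CWE_787_OOB_WRITE",
+SANS_TOP_25_CWE_89_SQLI = "SANS_TOP_25_CWE_89_SQLI",
+SANS_TOP_25_CWE_352_CSRF = "SANS_TOP_25_CWE_352_CSRF",
+SANS_TOP_25_CWE_22_PATH_TRAVERSAL = "SANS_TOP_25_CWE_22_PATH_TRAVERSAL",
+SANS_TOP_25_CWE_125_OOB_READ = "SANS_TOP_25_CWE_125_OOB_READ",
+SANS_TOP_25_CWE_78_OS_COMMAND_INJECTION = "SANS_TOP_25_CWE_78_OS_COMMAND_INJECTION",
+SANS_TOP_25_CWE_416_USE_AFTER_FREE = "SANS_TOP_25_CWE_416_USE_AFTER_FREE",
+SANS_TOP_25_CWE_862_MISSING_AUTHZ = "SANS_TOP_25_CWE_862_MISSING_AUTHZ",
+SANS_TOP_25_CWE_434_UNRESTRICTED_UPLOAD = "SANS_TOP_25_CWE_434_UNRESTRICTED_UPLOAD",
+SANS_TOP_25_CWE_94_CODE_INJECTION = "SANS_TOP_25_CWE_94_CODE_INJECTION",
+SANS_TOP_25_CWE_20_INPUT_VALIDATION = "SANS_TOP_25_CWE_20_INPUT_VALIDATION",
+SANS_TOP_25_CWE_77_COMMAND_INJECTION = "SANS_TOP_25_CWE_77_COMMAND_INJECTION",
+SANS_TOP_25_CWE_287_IMPROPER_AUTH = "SANS_TOP_25_CWE_287_IMPROPER_AUTH",
+SANS_TOP_25_CWE_269_PRIVILEGE_MGMT = "SANS_TOP_25_CWE_269_PRIVILEGE_MGMT",
+SANS_TOP_25_CWE_502_UNTRUSTED_DESER = "SANS_TOP_25_CWE_502_UNTRUSTED_DESER",
+SANS_TOP_25_CWE_200_INFO_EXPOSURE = "SANS_TOP_25_CWE_200_INFO_EXPOSURE",
+SANS_TOP_25_CWE_863_INCORRECT_AUTHZ = "SANS_TOP_25_CWE_863_INCORRECT_AUTHZ",
+SANS_TOP_25_CWE_918_SSRF = "SANS_TOP_25_CWE_918_SSRF",
+SANS_TOP_25_CWE_119_MEMORY_BOUNDS = "SANS_TOP_25_CWE_119_MEMORY_BOUNDS",
+SANS_TOP_25_CWE_476_NULL_DEREF = "SANS_TOP_25_CWE_476_NULL_DEREF",
+SANS_TOP_25_CWE_798_HARDCODED_CREDS = "SANS_TOP_25_CWE_798_HARDCODED_CREDS",
+SANS_TOP_25_CWE_190_INTEGER_OVERFLOW = "SANS_TOP_25_CWE_190_INTEGER_OVERFLOW",
+SANS_TOP_25_CWE_400_RESOURCE_CONSUMPTION = "SANS_TOP_25_CWE_400_RESOURCE_CONSUMPTION",
+SANS_TOP_25_CWE_306_MISSING_AUTH = "SANS_TOP_25_CWE_306_MISSING_AUTH"
+}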
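Review bot: None of the `ComplianceCode` members records which edition of its framework it refers to, and each string value equals its member name, so any consumer that stores these codes stores a name that a later OWASP Top 10, PCI DSS or CWE Top 25 revision can only change by renaming it or silently re-meaning it. The `GDPR_A_10_*` through `GDPR_A_12_*` members also appear to follow ISO/IEC 27001:2005 Annex A control numbering rather than GDPR articles, which would mislead anyone citing them in a GDPR report; the intended source should be confirmed. This `.d.ts` looks like build output, so the change belongs in `package/src/compliance-codes.ts`: add a doc comment above the enum along the lines of `/** Codes are pinned to: OWASP Top 10 <edition>, PCI DSS <version>, CWE Top 25 <year>; GDPR_* numbering follows <source standard>. */`.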
@@ -0,0 +1,213 @@
|
|
|
1
|
+
export var ComplianceCode;
|
|
2
|
+
(function (ComplianceCode) {
|
|
3
|
+
// --- OWASP (ComplianceId: 1) ---
|
|
4
|
+
ComplianceCode["OWASP_A1_BROKEN_ACCESS_CONTROL"] = "OWASP_A1_BROKEN_ACCESS_CONTROL";
|
|
5
|
+
ComplianceCode["OWASP_A2_CRYPTOGRAPHIC_FAILURES"] = "OWASP_A2_CRYPTOGRAPHIC_FAILURES";
|
|
6
|
+
ComplianceCode["OWASP_A3_INJECTION_FLAWS"] = "OWASP_A3_INJECTION_FLAWS";
|
|
7
|
+
ComplianceCode["OWASP_A4_INSECURE_DESIGN"] = "OWASP_A4_INSECURE_DESIGN";
|
|
8
|
+
ComplianceCode["OWASP_A5_SECURITY_MISCONFIGURATION"] = "OWASP_A5_SECURITY_MISCONFIGURATION";
|
|
9
|
+
ComplianceCode["OWASP_A6_VULNERABLE_OUTDATED_COMPONENTS"] = "OWASP_A6_VULNERABLE_OUTDATED_COMPONENTS";
|
|
10
|
+
ComplianceCode["OWASP_A7_IDENTIFICATION_AUTH_FAILURE"] = "OWASP_A7_IDENTIFICATION_AUTH_FAILURE";
|
|
11
|
+
ComplianceCode["OWASP_A8_SOFTWARE_DATA_INTEGRITY_FAILURE"] = "OWASP_A8_SOFTWARE_DATA_INTEGRITY_FAILURE";
|
|
12
|
+
ComplianceCode["OWASP_A9_LOGGING_MONITORING_FAILURES"] = "OWASP_A9_LOGGING_MONITORING_FAILURES";
|
|
13
|
+
ComplianceCode["OWASP_A10_SSRF"] = "OWASP_A10_SSRF";
|
|
14
|
+
// --- HIPAA (ComplianceId: 2) ---
|
|
15
|
+
ComplianceCode["HIPAA_164_105_PROTECT_PRIVATE_HEALTH_INFO"] = "HIPAA_164_105_PROTECT_PRIVATE_HEALTH_INFO";
|
|
16
|
+
ComplianceCode["HIPAA_164_306_A_1_KEEP_INFO_SAFE"] = "HIPAA_164_306_A_1_KEEP_INFO_SAFE";
|
|
17
|
+
ComplianceCode["HIPAA_164_306_A_2_PROTECT_AGAINST_THREATS"] = "HIPAA_164_306_A_2_PROTECT_AGAINST_THREATS";
|
|
18
|
+
ComplianceCode["HIPAA_164_306_A_3_STOP_UNAUTHORIZED_ACCESS"] = "HIPAA_164_306_A_3_STOP_UNAUTHORIZED_ACCESS";
|
|
19
|
+
ComplianceCode["HIPAA_164_308_A_1_I_PREVENT_FIX_PROBLEMS"] = "HIPAA_164_308_A_1_I_PREVENT_FIX_PROBLEMS";
|
|
20
|
+
ComplianceCode["HIPAA_164_308_A_1_II_B_LOWER_SECURITY_RISKS"] = "HIPAA_164_308_A_1_II_B_LOWER_SECURITY_RISKS";
|
|
21
|
+
ComplianceCode["HIPAA_164_308_A_5_II_B_BLOCK_MALWARE"] = "HIPAA_164_308_A_5_II_B_BLOCK_MALWARE";
|
|
22
|
+
ComplianceCode["HIPAA_164_308_A_5_II_C_WATCH_LOGINS"] = "HIPAA_164_308_A_5_II_C_WATCH_LOGINS";
|
|
23
|
+
ComplianceCode["HIPAA_164_308_A_5_II_D_PROTECT_PASSWORDS"] = "HIPAA_164_308_A_5_II_D_PROTECT_PASSWORDS";
|
|
24
|
+
ComplianceCode["HIPAA_164_308_A_7_I_PLAN_EMERGENCIES"] = "HIPAA_164_308_A_7_I_PLAN_EMERGENCIES";
|
|
25
|
+
ComplianceCode["HIPAA_164_312_A_1_CONTROL_ACCESS"] = "HIPAA_164_312_A_1_CONTROL_ACCESS";
|
|
26
|
+
ComplianceCode["HIPAA_164_312_C_1_PREVENT_CHANGES"] = "HIPAA_164_312_C_1_PREVENT_CHANGES";
|
|
27
|
+
ComplianceCode["HIPAA_164_312_D_VERIFY_IDENTITY"] = "HIPAA_164_312_D_VERIFY_IDENTITY";
|
|
28
|
+
ComplianceCode["HIPAA_164_312_E_1_PROTECT_ONLINE_INFO"] = "HIPAA_164_312_E_1_PROTECT_ONLINE_INFO";
|
|
29
|
+
ComplianceCode["HIPAA_164_312_E_2_I_PREVENT_UNAUTHORIZED_CHANGES"] = "HIPAA_164_312_E_2_I_PREVENT_UNAUTHORIZED_CHANGES";
|
|
30
|
+
ComplianceCode["HIPAA_164_312_E_2_II_USE_ENCRYPTION"] = "HIPAA_164_312_E_2_II_USE_ENCRYPTION";
|
|
31
|
+
ComplianceCode["HIPAA_164_530_C_2_I_KEEP_INFO_SHARED"] = "HIPAA_164_530_C_2_I_KEEP_INFO_SHARED";
|
|
32
|
+
// --- GDPR (ComplianceId: 3) ---
|
|
33
|
+
ComplianceCode["GDPR_A_10_1_1_DOCUMENTED_OPERATING_PROCEDURES"] = "GDPR_A_10_1_1_DOCUMENTED_OPERATING_PROCEDURES";
|
|
34
|
+
ComplianceCode["GDPR_A_10_1_2_CHANGE_MANAGEMENT"] = "GDPR_A_10_1_2_CHANGE_MANAGEMENT";
|
|
35
|
+
ComplianceCode["GDPR_A_10_1_3_SEGREGATION_OF_DUTIES"] = "GDPR_A_10_1_3_SEGREGATION_OF_DUTIES";
|
|
36
|
+
ComplianceCode["GDPR_A_10_1_4_SEPARATION_DEV_TEST_OPS"] = "GDPR_A_10_1_4_SEPARATION_DEV_TEST_OPS";
|
|
37
|
+
ComplianceCode["GDPR_A_10_2_1_SERVICE_DELIVERY"] = "GDPR_A_10_2_1_SERVICE_DELIVERY";
|
|
38
|
+
ComplianceCode["GDPR_A_10_2_2_MONITORING_THIRD_PARTY_SERVICES"] = "GDPR_A_10_2_2_MONITORING_THIRD_PARTY_SERVICES";
|
|
39
|
+
ComplianceCode["GDPR_A_10_2_3_MANAGING_CHANGES_THIRD_PARTY"] = "GDPR_A_10_2_3_MANAGING_CHANGES_THIRD_PARTY";
|
|
40
|
+
ComplianceCode["GDPR_A_10_3_1_CAPACITY_MANAGEMENT"] = "GDPR_A_10_3_1_CAPACITY_MANAGEMENT";
|
|
41
|
+
ComplianceCode["GDPR_A_10_3_2_SYSTEM_ACCEPTANCE"] = "GDPR_A_10_3_2_SYSTEM_ACCEPTANCE";
|
|
42
|
+
ComplianceCode["GDPR_A_10_4_1_CONTROLS_AGAINST_MALICIOUS_CODE"] = "GDPR_A_10_4_1_CONTROLS_AGAINST_MALICIOUS_CODE";
|
|
43
|
+
ComplianceCode["GDPR_A_10_4_2_CONTROLS_AGAINST_MOBILE_CODE"] = "GDPR_A_10_4_2_CONTROLS_AGAINST_MOBILE_CODE";
|
|
44
|
+
ComplianceCode["GDPR_A_10_5_1_INFORMATION_BACK_UP"] = "GDPR_A_10_5_1_INFORMATION_BACK_UP";
|
|
45
|
+
ComplianceCode["GDPR_A_10_6_1_NETWORK_CONTROLS"] = "GDPR_A_10_6_1_NETWORK_CONTROLS";
|
|
46
|
+
ComplianceCode["GDPR_A_10_6_2_SECURITY_OF_NETWORK_SERVICES"] = "GDPR_A_10_6_2_SECURITY_OF_NETWORK_SERVICES";
|
|
47
|
+
ComplianceCode["GDPR_A_10_7_1_MANAGEMENT_REMOVABLE_MEDIA"] = "GDPR_A_10_7_1_MANAGEMENT_REMOVABLE_MEDIA";
|
|
48
|
+
ComplianceCode["GDPR_A_10_7_2_DISPOSAL_OF_MEDIA"] = "GDPR_A_10_7_2_DISPOSAL_OF_MEDIA";
|
|
49
|
+
ComplianceCode["GDPR_A_10_7_3_INFORMATION_HANDLING_PROCEDURES"] = "GDPR_A_10_7_3_INFORMATION_HANDLING_PROCEDURES";
|
|
50
|
+
ComplianceCode["GDPR_A_10_7_4_SECURITY_SYSTEM_DOCUMENTATION"] = "GDPR_A_10_7_4_SECURITY_SYSTEM_DOCUMENTATION";
|
|
51
|
+
ComplianceCode["GDPR_A_10_8_1_INFO_EXCHANGE_POLICIES"] = "GDPR_A_10_8_1_INFO_EXCHANGE_POLICIES";
|
|
52
|
+
ComplianceCode["GDPR_A_10_8_2_EXCHANGE_AGREEMENTS"] = "GDPR_A_10_8_2_EXCHANGE_AGREEMENTS";
|
|
53
|
+
ComplianceCode["GDPR_A_10_8_3_PHYSICAL_MEDIA_IN_TRANSIT"] = "GDPR_A_10_8_3_PHYSICAL_MEDIA_IN_TRANSIT";
|
|
54
|
+
ComplianceCode["GDPR_A_10_8_4_ELECTRONIC_MESSAGING"] = "GDPR_A_10_8_4_ELECTRONIC_MESSAGING";
|
|
55
|
+
ComplianceCode["GDPR_A_10_8_5_BUSINESS_INFORMATION_SYSTEMS"] = "GDPR_A_10_8_5_BUSINESS_INFORMATION_SYSTEMS";
|
|
56
|
+
ComplianceCode["GDPR_A_10_9_1_ELECTRONIC_COMMERCE"] = "GDPR_A_10_9_1_ELECTRONIC_COMMERCE";
|
|
57
|
+
ComplianceCode["GDPR_A_10_9_2_ONLINE_TRANSACTIONS"] = "GDPR_A_10_9_2_ONLINE_TRANSACTIONS";
|
|
58
|
+
ComplianceCode["GDPR_A_10_9_3_PUBLICLY_AVAILABLE"] = "GDPR_A_10_9_3_PUBLICLY_AVAILABLE";
|
|
59
|
+
ComplianceCode["GDPR_A_10_10_1_AUDIT_LOGGING"] = "GDPR_A_10_10_1_AUDIT_LOGGING";
|
|
60
|
+
ComplianceCode["GDPR_A_10_10_2_MONITORING_SYSTEM_USE"] = "GDPR_A_10_10_2_MONITORING_SYSTEM_USE";
|
|
61
|
+
ComplianceCode["GDPR_A_10_10_3_PROTECTION_OF_LOG_INFORMATION"] = "GDPR_A_10_10_3_PROTECTION_OF_LOG_INFORMATION";
|
|
62
|
+
ComplianceCode["GDPR_A_10_10_4_ADMINISTRATOR_OPERATOR_LOGS"] = "GDPR_A_10_10_4_ADMINISTRATOR_OPERATOR_LOGS";
|
|
63
|
+
ComplianceCode["GDPR_A_10_10_5_FAULT_LOGGING"] = "GDPR_A_10_10_5_FAULT_LOGGING";
|
|
64
|
+
ComplianceCode["GDPR_A_10_10_6_CLOCK_SYNCHRONIZATION"] = "GDPR_A_10_10_6_CLOCK_SYNCHRONIZATION";
|
|
65
|
+
ComplianceCode["GDPR_A_11_1_1_ACCESS_CONTROL_POLICY"] = "GDPR_A_11_1_1_ACCESS_CONTROL_POLICY";
|
|
66
|
+
ComplianceCode["GDPR_A_11_2_1_USER_REGISTRATION"] = "GDPR_A_11_2_1_USER_REGISTRATION";
|
|
67
|
+
ComplianceCode["GDPR_A_11_2_2_PRIVILEGE_MANAGEMENT"] = "GDPR_A_11_2_2_PRIVILEGE_MANAGEMENT";
|
|
68
|
+
ComplianceCode["GDPR_A_11_2_3_USER_PASSWORD_MANAGEMENT"] = "GDPR_A_11_2_3_USER_PASSWORD_MANAGEMENT";
|
|
69
|
+
ComplianceCode["GDPR_A_11_2_4_REVIEW_USER_ACCESS_RIGHTS"] = "GDPR_A_11_2_4_REVIEW_USER_ACCESS_RIGHTS";
|
|
70
|
+
ComplianceCode["GDPR_A_11_3_1_PASSWORD_USE"] = "GDPR_A_11_3_1_PASSWORD_USE";
|
|
71
|
+
ComplianceCode["GDPR_A_11_3_2_UNATTENDED_USER_EQUIPMENT"] = "GDPR_A_11_3_2_UNATTENDED_USER_EQUIPMENT";
|
|
72
|
+
ComplianceCode["GDPR_A_11_3_3_CLEAR_DESK_SCREEN_POLICY"] = "GDPR_A_11_3_3_CLEAR_DESK_SCREEN_POLICY";
|
|
73
|
+
ComplianceCode["GDPR_A_11_4_1_POLICY_USE_NETWORK_SERVICES"] = "GDPR_A_11_4_1_POLICY_USE_NETWORK_SERVICES";
|
|
74
|
+
ComplianceCode["GDPR_A_11_4_2_USER_AUTH_EXTERNAL_CONNECTIONS"] = "GDPR_A_11_4_2_USER_AUTH_EXTERNAL_CONNECTIONS";
|
|
75
|
+
ComplianceCode["GDPR_A_11_4_3_EQUIPMENT_IDENTIFICATION"] = "GDPR_A_11_4_3_EQUIPMENT_IDENTIFICATION";
|
|
76
|
+
ComplianceCode["GDPR_A_11_4_4_REMOTE_DIAGNOSTIC_PORT_PROTECTION"] = "GDPR_A_11_4_4_REMOTE_DIAGNOSTIC_PORT_PROTECTION";
|
|
77
|
+
ComplianceCode["GDPR_A_11_4_5_SEGREGATION_IN_NETWORKS"] = "GDPR_A_11_4_5_SEGREGATION_IN_NETWORKS";
|
|
78
|
+
ComplianceCode["GDPR_A_11_4_6_NETWORK_CONNECTION_CONTROL"] = "GDPR_A_11_4_6_NETWORK_CONNECTION_CONTROL";
|
|
79
|
+
ComplianceCode["GDPR_A_11_4_7_NETWORK_ROUTING_CONTROL"] = "GDPR_A_11_4_7_NETWORK_ROUTING_CONTROL";
|
|
80
|
+
ComplianceCode["GDPR_A_11_5_1_SECURE_LOG_ON"] = "GDPR_A_11_5_1_SECURE_LOG_ON";
|
|
81
|
+
ComplianceCode["GDPR_A_11_5_2_USER_ID_AND_AUTH"] = "GDPR_A_11_5_2_USER_ID_AND_AUTH";
|
|
82
|
+
ComplianceCode["GDPR_A_11_5_3_PASSWORD_MANAGEMENT_SYSTEM"] = "GDPR_A_11_5_3_PASSWORD_MANAGEMENT_SYSTEM";
|
|
83
|
+
ComplianceCode["GDPR_A_11_5_4_USE_OF_SYSTEM_UTILITIES"] = "GDPR_A_11_5_4_USE_OF_SYSTEM_UTILITIES";
|
|
84
|
+
ComplianceCode["GDPR_A_11_5_5_SESSION_TIMEOUT"] = "GDPR_A_11_5_5_SESSION_TIMEOUT";
|
|
85
|
+
ComplianceCode["GDPR_A_11_5_6_LIMITATION_CONNECTION_TIME"] = "GDPR_A_11_5_6_LIMITATION_CONNECTION_TIME";
|
|
86
|
+
ComplianceCode["GDPR_A_11_6_1_INFORMATION_ACCESS_RESTRICTION"] = "GDPR_A_11_6_1_INFORMATION_ACCESS_RESTRICTION";
|
|
87
|
+
ComplianceCode["GDPR_A_11_6_2_SENSITIVE_SYSTEM_ISOLATION"] = "GDPR_A_11_6_2_SENSITIVE_SYSTEM_ISOLATION";
|
|
88
|
+
ComplianceCode["GDPR_A_11_7_1_MOBILE_COMPUTING"] = "GDPR_A_11_7_1_MOBILE_COMPUTING";
|
|
89
|
+
ComplianceCode["GDPR_A_11_7_2_TELEWORKING"] = "GDPR_A_11_7_2_TELEWORKING";
|
|
90
|
+
ComplianceCode["GDPR_A_12_1_1_SECURITY_REQUIREMENTS_ANALYSIS"] = "GDPR_A_12_1_1_SECURITY_REQUIREMENTS_ANALYSIS";
|
|
91
|
+
ComplianceCode["GDPR_A_12_2_1_INPUT_DATA_VALIDATION"] = "GDPR_A_12_2_1_INPUT_DATA_VALIDATION";
|
|
92
|
+
ComplianceCode["GDPR_A_12_2_2_CONTROL_INTERNAL_PROCESSING"] = "GDPR_A_12_2_2_CONTROL_INTERNAL_PROCESSING";
|
|
93
|
+
ComplianceCode["GDPR_A_12_2_3_MESSAGE_INTEGRITY"] = "GDPR_A_12_2_3_MESSAGE_INTEGRITY";
|
|
94
|
+
ComplianceCode["GDPR_A_12_2_4_OUTPUT_DATA_VALIDATION"] = "GDPR_A_12_2_4_OUTPUT_DATA_VALIDATION";
|
|
95
|
+
ComplianceCode["GDPR_A_12_3_1_POLICY_CRYPTOGRAPHIC_CONTROLS"] = "GDPR_A_12_3_1_POLICY_CRYPTOGRAPHIC_CONTROLS";
|
|
96
|
+
ComplianceCode["GDPR_A_12_3_2_KEY_MANAGEMENT"] = "GDPR_A_12_3_2_KEY_MANAGEMENT";
|
|
97
|
+
ComplianceCode["GDPR_A_12_4_1_CONTROL_OPERATIONAL_SOFTWARE"] = "GDPR_A_12_4_1_CONTROL_OPERATIONAL_SOFTWARE";
|
|
98
|
+
ComplianceCode["GDPR_A_12_4_2_PROTECTION_SYSTEM_TEST_DATA"] = "GDPR_A_12_4_2_PROTECTION_SYSTEM_TEST_DATA";
|
|
99
|
+
ComplianceCode["GDPR_A_12_4_3_ACCESS_CONTROL_SOURCE_CODE"] = "GDPR_A_12_4_3_ACCESS_CONTROL_SOURCE_CODE";
|
|
100
|
+
ComplianceCode["GDPR_A_12_5_1_CHANGE_CONTROL_PROCEDURES"] = "GDPR_A_12_5_1_CHANGE_CONTROL_PROCEDURES";
|
|
101
|
+
ComplianceCode["GDPR_A_12_5_2_TECHNICAL_REVIEW_APPS"] = "GDPR_A_12_5_2_TECHNICAL_REVIEW_APPS";
|
|
102
|
+
ComplianceCode["GDPR_A_12_5_3_RESTRICTIONS_CHANGES_SOFTWARE"] = "GDPR_A_12_5_3_RESTRICTIONS_CHANGES_SOFTWARE";
|
|
103
|
+
ComplianceCode["GDPR_A_12_5_4_INFORMATION_LEAKAGE"] = "GDPR_A_12_5_4_INFORMATION_LEAKAGE";
|
|
104
|
+
ComplianceCode["GDPR_A_12_5_5_OUTSOURCED_SOFTWARE_DEV"] = "GDPR_A_12_5_5_OUTSOURCED_SOFTWARE_DEV";
|
|
105
|
+
ComplianceCode["GDPR_A_12_6_1_CONTROL_TECHNICAL_VULNERABILITIES"] = "GDPR_A_12_6_1_CONTROL_TECHNICAL_VULNERABILITIES";
|
|
106
|
+
// --- PCI DSS (ComplianceId: 4) ---
|
|
107
|
+
ComplianceCode["PCI_REQ_1_INSTALL_FIREWALL"] = "PCI_REQ_1_INSTALL_FIREWALL";
|
|
108
|
+
ComplianceCode["PCI_REQ_2_1_CHANGE_DEFAULT_PASSWORDS"] = "PCI_REQ_2_1_CHANGE_DEFAULT_PASSWORDS";
|
|
109
|
+
ComplianceCode["PCI_REQ_2_2_1_ONE_PRIMARY_FUNCTION"] = "PCI_REQ_2_2_1_ONE_PRIMARY_FUNCTION";
|
|
110
|
+
ComplianceCode["PCI_REQ_2_2_2_ENABLE_NECESSARY_SERVICES"] = "PCI_REQ_2_2_2_ENABLE_NECESSARY_SERVICES";
|
|
111
|
+
ComplianceCode["PCI_REQ_2_2_3_SECURE_INSECURE_SERVICES"] = "PCI_REQ_2_2_3_SECURE_INSECURE_SERVICES";
|
|
112
|
+
ComplianceCode["PCI_REQ_2_2_4_CONFIGURE_SYSTEM_PARAMETERS"] = "PCI_REQ_2_2_4_CONFIGURE_SYSTEM_PARAMETERS";
|
|
113
|
+
ComplianceCode["PCI_REQ_2_2_5_STRENGTHEN_INSECURE_SERVICES"] = "PCI_REQ_2_2_5_STRENGTHEN_INSECURE_SERVICES";
|
|
114
|
+
ComplianceCode["PCI_REQ_2_3_ENCRYPT_NON_CONSOLE_ADMIN"] = "PCI_REQ_2_3_ENCRYPT_NON_CONSOLE_ADMIN";
|
|
115
|
+
ComplianceCode["PCI_REQ_A_1_1_ISOLATE_PROCESSES_CDE"] = "PCI_REQ_A_1_1_ISOLATE_PROCESSES_CDE";
|
|
116
|
+
ComplianceCode["PCI_REQ_A_1_2_RESTRICT_ENTITY_ACCESS"] = "PCI_REQ_A_1_2_RESTRICT_ENTITY_ACCESS";
|
|
117
|
+
ComplianceCode["PCI_REQ_A_1_3_ENABLE_UNIQUE_LOGGING"] = "PCI_REQ_A_1_3_ENABLE_UNIQUE_LOGGING";
|
|
118
|
+
ComplianceCode["PCI_REQ_A_1_4_ENABLE_FORENSIC_INVESTIGATION"] = "PCI_REQ_A_1_4_ENABLE_FORENSIC_INVESTIGATION";
|
|
119
|
+
ComplianceCode["PCI_REQ_3_1_MINIMIZE_DATA_STORAGE"] = "PCI_REQ_3_1_MINIMIZE_DATA_STORAGE";
|
|
120
|
+
ComplianceCode["PCI_REQ_3_2_1_NO_FULL_TRACK_DATA"] = "PCI_REQ_3_2_1_NO_FULL_TRACK_DATA";
|
|
121
|
+
ComplianceCode["PCI_REQ_3_2_2_NO_CVV_STORAGE"] = "PCI_REQ_3_2_2_NO_CVV_STORAGE";
|
|
122
|
+
ComplianceCode["PCI_REQ_3_2_3_NO_PIN_STORAGE"] = "PCI_REQ_3_2_3_NO_PIN_STORAGE";
|
|
123
|
+
ComplianceCode["PCI_REQ_3_3_MASK_PAN"] = "PCI_REQ_3_3_MASK_PAN";
|
|
124
|
+
ComplianceCode["PCI_REQ_3_4_RENDER_PAN_UNREADABLE"] = "PCI_REQ_3_4_RENDER_PAN_UNREADABLE";
|
|
125
|
+
ComplianceCode["PCI_REQ_3_5_PROTECT_ENCRYPTION_KEYS"] = "PCI_REQ_3_5_PROTECT_ENCRYPTION_KEYS";
|
|
126
|
+
ComplianceCode["PCI_REQ_3_6_KEY_MANAGEMENT_PROCESSES"] = "PCI_REQ_3_6_KEY_MANAGEMENT_PROCESSES";
|
|
127
|
+
ComplianceCode["PCI_REQ_3_7_DOCUMENT_POLICIES_STORED_DATA"] = "PCI_REQ_3_7_DOCUMENT_POLICIES_STORED_DATA";
|
|
128
|
+
ComplianceCode["PCI_REQ_4_1_STRONG_CRYPTO_TRANSMISSION"] = "PCI_REQ_4_1_STRONG_CRYPTO_TRANSMISSION";
|
|
129
|
+
ComplianceCode["PCI_REQ_4_2_NO_UNPROTECTED_PAN_MESSAGING"] = "PCI_REQ_4_2_NO_UNPROTECTED_PAN_MESSAGING";
|
|
130
|
+
ComplianceCode["PCI_REQ_4_3_ENCRYPTION_POLICIES_TRANSMISSION"] = "PCI_REQ_4_3_ENCRYPTION_POLICIES_TRANSMISSION";
|
|
131
|
+
ComplianceCode["PCI_REQ_5_PROTECT_MALWARE_ANTIVIRUS"] = "PCI_REQ_5_PROTECT_MALWARE_ANTIVIRUS";
|
|
132
|
+
ComplianceCode["PCI_REQ_6_1_IDENTIFY_RANK_VULNERABILITIES"] = "PCI_REQ_6_1_IDENTIFY_RANK_VULNERABILITIES";
|
|
133
|
+
ComplianceCode["PCI_REQ_6_2_INSTALL_SECURITY_PATCHES"] = "PCI_REQ_6_2_INSTALL_SECURITY_PATCHES";
|
|
134
|
+
ComplianceCode["PCI_REQ_6_3_1_SECURE_SOFTWARE_DEVELOPMENT"] = "PCI_REQ_6_3_1_SECURE_SOFTWARE_DEVELOPMENT";
|
|
135
|
+
ComplianceCode["PCI_REQ_6_3_2_CODE_REVIEW"] = "PCI_REQ_6_3_2_CODE_REVIEW";
|
|
136
|
+
ComplianceCode["PCI_REQ_6_4_1_SEPARATE_DEV_PROD"] = "PCI_REQ_6_4_1_SEPARATE_DEV_PROD";
|
|
137
|
+
ComplianceCode["PCI_REQ_6_4_2_SEPARATION_OF_DUTIES"] = "PCI_REQ_6_4_2_SEPARATION_OF_DUTIES";
|
|
138
|
+
ComplianceCode["PCI_REQ_6_4_3_NO_LIVE_DATA_TESTING"] = "PCI_REQ_6_4_3_NO_LIVE_DATA_TESTING";
|
|
139
|
+
ComplianceCode["PCI_REQ_6_4_4_REMOVE_TEST_DATA"] = "PCI_REQ_6_4_4_REMOVE_TEST_DATA";
|
|
140
|
+
ComplianceCode["PCI_REQ_6_5_1_PREVENT_INJECTION"] = "PCI_REQ_6_5_1_PREVENT_INJECTION";
|
|
141
|
+
ComplianceCode["PCI_REQ_6_5_2_PREVENT_BUFFER_OVERFLOW"] = "PCI_REQ_6_5_2_PREVENT_BUFFER_OVERFLOW";
|
|
142
|
+
ComplianceCode["PCI_REQ_6_5_3_SECURE_CRYPTOGRAPHIC_STORAGE"] = "PCI_REQ_6_5_3_SECURE_CRYPTOGRAPHIC_STORAGE";
|
|
143
|
+
ComplianceCode["PCI_REQ_6_5_4_SECURE_COMM_CHANNELS"] = "PCI_REQ_6_5_4_SECURE_COMM_CHANNELS";
|
|
144
|
+
ComplianceCode["PCI_REQ_6_5_5_PROPER_ERROR_HANDLING"] = "PCI_REQ_6_5_5_PROPER_ERROR_HANDLING";
|
|
145
|
+
ComplianceCode["PCI_REQ_6_5_6_ADDRESS_HIGH_RISK_VULNS"] = "PCI_REQ_6_5_6_ADDRESS_HIGH_RISK_VULNS";
|
|
146
|
+
ComplianceCode["PCI_REQ_6_5_7_PREVENT_XSS"] = "PCI_REQ_6_5_7_PREVENT_XSS";
|
|
147
|
+
ComplianceCode["PCI_REQ_6_5_8_PREVENT_ACCESS_CONTROL_VULNS"] = "PCI_REQ_6_5_8_PREVENT_ACCESS_CONTROL_VULNS";
|
|
148
|
+
ComplianceCode["PCI_REQ_6_5_9_PREVENT_CSRF"] = "PCI_REQ_6_5_9_PREVENT_CSRF";
|
|
149
|
+
ComplianceCode["PCI_REQ_6_5_10_PREVENT_BROKEN_AUTH"] = "PCI_REQ_6_5_10_PREVENT_BROKEN_AUTH";
|
|
150
|
+
ComplianceCode["PCI_REQ_6_6_PROTECT_PUBLIC_WEB_APPS"] = "PCI_REQ_6_6_PROTECT_PUBLIC_WEB_APPS";
|
|
151
|
+
ComplianceCode["PCI_REQ_6_7_DOCUMENT_POLICIES_SECURE_SYSTEMS"] = "PCI_REQ_6_7_DOCUMENT_POLICIES_SECURE_SYSTEMS";
|
|
152
|
+
ComplianceCode["PCI_REQ_7_RESTRICT_ACCESS_NEED_TO_KNOW"] = "PCI_REQ_7_RESTRICT_ACCESS_NEED_TO_KNOW";
|
|
153
|
+
ComplianceCode["PCI_REQ_7_1_1_DEFINE_ROLE_BASED_ACCESS"] = "PCI_REQ_7_1_1_DEFINE_ROLE_BASED_ACCESS";
|
|
154
|
+
ComplianceCode["PCI_REQ_7_1_2_RESTRICT_PRIVILEGED_USER"] = "PCI_REQ_7_1_2_RESTRICT_PRIVILEGED_USER";
|
|
155
|
+
ComplianceCode["PCI_REQ_7_1_3_ASSIGN_ACCESS_BY_ROLE"] = "PCI_REQ_7_1_3_ASSIGN_ACCESS_BY_ROLE";
|
|
156
|
+
ComplianceCode["PCI_REQ_7_1_4_DOCUMENTED_APPROVAL"] = "PCI_REQ_7_1_4_DOCUMENTED_APPROVAL";
|
|
157
|
+
ComplianceCode["PCI_REQ_7_2_ACCESS_CONTROL_NEED_TO_KNOW"] = "PCI_REQ_7_2_ACCESS_CONTROL_NEED_TO_KNOW";
|
|
158
|
+
ComplianceCode["PCI_REQ_7_3_DOCUMENT_POLICIES_CARDHOLDER_DATA"] = "PCI_REQ_7_3_DOCUMENT_POLICIES_CARDHOLDER_DATA";
|
|
159
|
+
ComplianceCode["PCI_REQ_8_1_1_ASSIGN_UNIQUE_IDS"] = "PCI_REQ_8_1_1_ASSIGN_UNIQUE_IDS";
|
|
160
|
+
ComplianceCode["PCI_REQ_8_1_2_CONTROL_USER_ID_MANAGEMENT"] = "PCI_REQ_8_1_2_CONTROL_USER_ID_MANAGEMENT";
|
|
161
|
+
ComplianceCode["PCI_REQ_8_1_3_REVOKE_TERMINATED_USERS"] = "PCI_REQ_8_1_3_REVOKE_TERMINATED_USERS";
|
|
162
|
+
ComplianceCode["PCI_REQ_8_1_4_REMOVE_INACTIVE_ACCOUNTS"] = "PCI_REQ_8_1_4_REMOVE_INACTIVE_ACCOUNTS";
|
|
163
|
+
ComplianceCode["PCI_REQ_8_1_5_MANAGE_THIRD_PARTY_IDS"] = "PCI_REQ_8_1_5_MANAGE_THIRD_PARTY_IDS";
|
|
164
|
+
ComplianceCode["PCI_REQ_8_1_6_LIMIT_REPEATED_ACCESS_ATTEMPTS"] = "PCI_REQ_8_1_6_LIMIT_REPEATED_ACCESS_ATTEMPTS";
|
|
165
|
+
ComplianceCode["PCI_REQ_8_1_7_ACCOUNT_LOCKOUT_DURATION"] = "PCI_REQ_8_1_7_ACCOUNT_LOCKOUT_DURATION";
|
|
166
|
+
ComplianceCode["PCI_REQ_8_1_8_SESSION_RE_AUTH_IDLE"] = "PCI_REQ_8_1_8_SESSION_RE_AUTH_IDLE";
|
|
167
|
+
ComplianceCode["PCI_REQ_8_2_1_ENCRYPT_CREDENTIALS"] = "PCI_REQ_8_2_1_ENCRYPT_CREDENTIALS";
|
|
168
|
+
ComplianceCode["PCI_REQ_8_2_2_VERIFY_IDENTITY_BEFORE_CHANGE"] = "PCI_REQ_8_2_2_VERIFY_IDENTITY_BEFORE_CHANGE";
|
|
169
|
+
ComplianceCode["PCI_REQ_8_2_3_PASSWORD_STRENGTH"] = "PCI_REQ_8_2_3_PASSWORD_STRENGTH";
|
|
170
|
+
ComplianceCode["PCI_REQ_8_2_4_PASSWORD_EXPIRATION"] = "PCI_REQ_8_2_4_PASSWORD_EXPIRATION";
|
|
171
|
+
ComplianceCode["PCI_REQ_8_2_5_PASSWORD_REUSE"] = "PCI_REQ_8_2_5_PASSWORD_REUSE";
|
|
172
|
+
ComplianceCode["PCI_REQ_8_2_6_UNIQUE_INITIAL_PASSWORD"] = "PCI_REQ_8_2_6_UNIQUE_INITIAL_PASSWORD";
|
|
173
|
+
ComplianceCode["PCI_REQ_8_3_SECURE_REMOTE_ACCESS_MFA"] = "PCI_REQ_8_3_SECURE_REMOTE_ACCESS_MFA";
|
|
174
|
+
ComplianceCode["PCI_REQ_8_4_DOCUMENT_AUTH_POLICIES"] = "PCI_REQ_8_4_DOCUMENT_AUTH_POLICIES";
|
|
175
|
+
ComplianceCode["PCI_REQ_8_5_1_UNIQUE_CREDS_SERVICE_PROVIDERS"] = "PCI_REQ_8_5_1_UNIQUE_CREDS_SERVICE_PROVIDERS";
|
|
176
|
+
ComplianceCode["PCI_REQ_8_6_AUTH_MECHANISMS_INDIVIDUAL"] = "PCI_REQ_8_6_AUTH_MECHANISMS_INDIVIDUAL";
|
|
177
|
+
ComplianceCode["PCI_REQ_8_7_RESTRICT_DB_ACCESS"] = "PCI_REQ_8_7_RESTRICT_DB_ACCESS";
|
|
178
|
+
ComplianceCode["PCI_REQ_8_8_DOCUMENT_AUTH_POLICIES_COMM"] = "PCI_REQ_8_8_DOCUMENT_AUTH_POLICIES_COMM";
|
|
179
|
+
ComplianceCode["PCI_REQ_9_RESTRICT_PHYSICAL_ACCESS"] = "PCI_REQ_9_RESTRICT_PHYSICAL_ACCESS";
|
|
180
|
+
ComplianceCode["PCI_REQ_10_4_SYNCHRONIZE_CLOCKS"] = "PCI_REQ_10_4_SYNCHRONIZE_CLOCKS";
|
|
181
|
+
ComplianceCode["PCI_REQ_10_5_SECURE_AUDIT_TRAILS"] = "PCI_REQ_10_5_SECURE_AUDIT_TRAILS";
|
|
182
|
+
ComplianceCode["PCI_REQ_10_6_REVIEW_LOGS"] = "PCI_REQ_10_6_REVIEW_LOGS";
|
|
183
|
+
ComplianceCode["PCI_REQ_10_7_RETAIN_AUDIT_TRAIL"] = "PCI_REQ_10_7_RETAIN_AUDIT_TRAIL";
|
|
184
|
+
ComplianceCode["PCI_REQ_10_9_DOCUMENT_ACCESS_MONITORING"] = "PCI_REQ_10_9_DOCUMENT_ACCESS_MONITORING";
|
|
185
|
+
ComplianceCode["PCI_REQ_11_REGULAR_TESTING"] = "PCI_REQ_11_REGULAR_TESTING";
|
|
186
|
+
ComplianceCode["PCI_REQ_12_INFO_SEC_POLICY"] = "PCI_REQ_12_INFO_SEC_POLICY";
|
|
187
|
+
// --- SANS/CWE Top 25 (ComplianceId: 5) ---
|
|
188
|
+
ComplianceCode["SANS_TOP_25_CWE_79_XSS"] = "SANS_TOP_25_CWE_79_XSS";
|
|
189
|
+
ComplianceCode["SANS_TOP_25_CWE_787_OOB_WRITE"] = "SANS_TOP_25_CWE_787_OOB_WRITE";
|
|
190
|
+
ComplianceCode["SANS_TOP_25_CWE_89_SQLI"] = "SANS_TOP_25_CWE_89_SQLI";
|
|
191
|
+
ComplianceCode["SANS_TOP_25_CWE_352_CSRF"] = "SANS_TOP_25_CWE_352_CSRF";
|
|
192
|
+
ComplianceCode["SANS_TOP_25_CWE_22_PATH_TRAVERSAL"] = "SANS_TOP_25_CWE_22_PATH_TRAVERSAL";
|
|
193
|
+
ComplianceCode["SANS_TOP_25_CWE_125_OOB_READ"] = "SANS_TOP_25_CWE_125_OOB_READ";
|
|
194
|
+
ComplianceCode["SANS_TOP_25_CWE_78_OS_COMMAND_INJECTION"] = "SANS_TOP_25_CWE_78_OS_COMMAND_INJECTION";
|
|
195
|
+
ComplianceCode["SANS_TOP_25_CWE_416_USE_AFTER_FREE"] = "SANS_TOP_25_CWE_416_USE_AFTER_FREE";
|
|
196
|
+
ComplianceCode["SANS_TOP_25_CWE_862_MISSING_AUTHZ"] = "SANS_TOP_25_CWE_862_MISSING_AUTHZ";
|
|
197
|
+
ComplianceCode["SANS_TOP_25_CWE_434_UNRESTRICTED_UPLOAD"] = "SANS_TOP_25_CWE_434_UNRESTRICTED_UPLOAD";
|
|
198
|
+
ComplianceCode["SANS_TOP_25_CWE_94_CODE_INJECTION"] = "SANS_TOP_25_CWE_94_CODE_INJECTION";
|
|
199
|
+
ComplianceCode["SANS_TOP_25_CWE_20_INPUT_VALIDATION"] = "SANS_TOP_25_CWE_20_INPUT_VALIDATION";
|
|
200
|
+
ComplianceCode["SANS_TOP_25_CWE_77_COMMAND_INJECTION"] = "SANS_TOP_25_CWE_77_COMMAND_INJECTION";
|
|
201
|
+
ComplianceCode["SANS_TOP_25_CWE_287_IMPROPER_AUTH"] = "SANS_TOP_25_CWE_287_IMPROPER_AUTH";
|
|
202
|
+
ComplianceCode["SANS_TOP_25_CWE_269_PRIVILEGE_MGMT"] = "SANS_TOP_25_CWE_269_PRIVILEGE_MGMT";
|
|
203
|
+
ComplianceCode["SANS_TOP_25_CWE_502_UNTRUSTED_DESER"] = "SANS_TOP_25_CWE_502_UNTRUSTED_DESER";
|
|
204
|
+
ComplianceCode["SANS_TOP_25_CWE_200_INFO_EXPOSURE"] = "SANS_TOP_25_CWE_200_INFO_EXPOSURE";
|
|
205
|
+
ComplianceCode["SANS_TOP_25_CWE_863_INCORRECT_AUTHZ"] = "SANS_TOP_25_CWE_863_INCORRECT_AUTHZ";
|
|
206
|
+
ComplianceCode["SANS_TOP_25_CWE_918_SSRF"] = "SANS_TOP_25_CWE_918_SSRF";
|
|
207
|
+
ComplianceCode["SANS_TOP_25_CWE_119_MEMORY_BOUNDS"] = "SANS_TOP_25_CWE_119_MEMORY_BOUNDS";
|
|
208
|
+
ComplianceCode["SANS_TOP_25_CWE_476_NULL_DEREF"] = "SANS_TOP_25_CWE_476_NULL_DEREF";
|
|
209
|
+
ComplianceCode["SANS_TOP_25_CWE_798_HARDCODED_CREDS"] = "SANS_TOP_25_CWE_798_HARDCODED_CREDS";
|
|
210
|
+
ComplianceCode["SANS_TOP_25_CWE_190_INTEGER_OVERFLOW"] = "SANS_TOP_25_CWE_190_INTEGER_OVERFLOW";
|
|
211
|
+
ComplianceCode["SANS_TOP_25_CWE_400_RESOURCE_CONSUMPTION"] = "SANS_TOP_25_CWE_400_RESOURCE_CONSUMPTION";
|
|
212
|
+
ComplianceCode["SANS_TOP_25_CWE_306_MISSING_AUTH"] = "SANS_TOP_25_CWE_306_MISSING_AUTH";
|
|
213
|
+
})(ComplianceCode || (ComplianceCode = {}));
|