Back Forward Rule Security Analyzer

XXXXXXXXXXXXXXX REVISE FOR V6.1SP2 enhancements Regular Expression rules XXXXXXXXxxx

To help you make the Process Commander applications that you build more secure, you can activate and run the Rule Security Analyzer. This tool searches through rules to find specific JavaScript or SQL coding patterns that may indicate a security vulnerability. SOLOM PROJ-361 GRP-12495

The Rule Security Analyzer is implemented by adding the Pega-SecurityVA RuleSet to your application. To access the tool, select > Org and Security > Tools > Security > Rule Security Analyzer.

For an overview of this diagnostic tool, instructions on running it and interpreting its results, see Pega Developer Network article PRKB-26093 How to use the Rule Security Analyzer tool.

The Pega-SecurityVA RuleSet also contains the URL Search Utility (Data-SecurityVAUtility.JSSearchUtility), which locates Java constructs that are dynamically generating clear-text query strings. For security reasons, obfuscate such query strings, to prevent unauthorized access to URL contents. Apply the Process Commander SafeURL JavaScript package to these constructs so that the queries are obfuscated. Contact Global Customer Support for more information.

Definitions regular expression
Related topics About Regular Expression rules

Up Definitions — R