-
### Environment
* Mustang 0.6.4
* Mac (unsure whether Intel or ARM and which OS version)
### Reproduction
1. Start Mustang, set up existing email address
2. Log in with GMail address
3. -> O…
-
### Description
Our application is net8.0-android and customer is sending us a MobSF static analysis that gives security alerts related to Stack Canary.
I'm not an expert in this fields, so I simp…
-
## **Goal**:
Test the suitability of GitHub CodeQL as Mojaloop's static application security testing (SAST) tool.
Static application security testing (SAST), or static analysis, is a testing meth…
-
### Use case
I find that the tools for building a Flutter app for iOS are too thin of a layer above the native tools for building for iOS. A few examples:
When packages get their dependencies wron…
-
Wikipedia references:
* https://en.wikipedia.org/wiki/Information_security
* https://en.wikipedia.org/wiki/Information_security_audit
* https://en.wikipedia.org/wiki/Attribute-based_access_contro…
-
- [ ] Come up with 5 most important tests to have in system by Tue EOD
- [ ] Reasoning why you are picking these 5 by Tue EOD
- [ ] Implemetation of these 5 actions by Wed EOD
-
It would be convenient to be able to get the generated password from `PasswordGenerator` as a `char[]` or `CharBuffer`. This would allow us to wipe out contents in the array to avoid Heap_Inspection r…
-
The security SIG is looking to ensure that security tooling is setup consistently across the organization. As a result, we're asking maintainers to ensure the following tools are enabled in each repos…
-
As security tooling becomes more highly integrated into OCP projects, there is a desire to centralize this information to make it more accessible to interested parties.
From the Platform Registry, …
-
Hey! Do you already use a static code analysis tool? Also known as SAST.
[SAST](https://snyk.io/learn/application-security/static-application-security-testing/) is used to identify security vulnera…