Sensitive Data: High number of PCI
Identifier: high_number_of_pci
Scanner(s) Support
GraphQL Scanner | REST Scanner | WebApp Scanner |
---|---|---|
Description
When access control is not properly implemented, payment card information (PCI) can leak to the public. This can lead to data breaches, financial loss, regulatory violations, and severe legal penalties, including PCI DSS non-compliance.
Configuration
Example
Example configuration:
```yaml
---
security_tests:
  high_number_of_pci:
    assets_allowed:
      - REST
      - GRAPHQL
      - WEBAPP
    detection_threshold: 1
    skip: false
```
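To illustrate the kind of detection this check describes and how `detection_threshold` gates the alert, the following added example (not the scanner's own code) counts distinct Luhn-valid card numbers in a response body. The function names, the regex, and the `>=` threshold comparison are assumptions; the sample response is constructed from public test card numbers.

```python
import re

# Candidate PANs: 13-19 digits, optionally separated by single spaces or hyphens.
PAN_RE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")

def luhn_valid(digits: str) -> bool:
    """Return True if the digit string passes the Luhn checksum."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def find_card_numbers(body: str) -> set[str]:
    """Return the distinct Luhn-valid card numbers found in a response body."""
    found = set()
    for m in PAN_RE.finditer(body):
        digits = re.sub(r"[ -]", "", m.group())
        # Skip single-digit fillers such as 0000000000000000, which pass Luhn.
        if luhn_valid(digits) and len(set(digits)) > 1:
            found.add(digits)
    return found

def mask(pan: str) -> str:
    """Mask a PAN for reporting: keep the first 6 and last 4 digits."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]

def check_response(body: str, detection_threshold: int = 1) -> dict:
    """Assumed semantics: alert when distinct hits >= detection_threshold."""
    hits = find_card_numbers(body)
    return {"count": len(hits), "alert": len(hits) >= detection_threshold,
            "masked": sorted(mask(p) for p in hits)}

# Constructed sample response; the first two values are public test card numbers.
SAMPLE = ('{"orders":[{"id":1,"card":"4111 1111 1111 1111"},'
          '{"id":2,"card":"5555-5555-5555-4444"},'
          '{"id":3,"ref":"1234567890123456"}]}')

if __name__ == "__main__":
    print(check_response(SAMPLE, detection_threshold=1))
```

The Luhn check and filler filter keep order references and padded fields from inflating the count, and findings are reported masked so the report itself does not store full card numbers.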
Reference
assets_allowed
Type : List[AssetType]
*
List of assets that this check will cover.
detection_threshold
Type : integer
Threshold on the number of values found that triggers the alert.
skip
Type : boolean
Skip the test if true.