Ce produit n'est pas pris en charge par le site Datadog que vous avez sélectionné. ().
Cette page n'est pas encore disponible en français, sa traduction est en cours. Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.
This rule ensures that data encryption in your application is robust and secure against potential cyber threats. The rule discourages the use of deprecated and weak cryptographic algorithms such as DES (Data Encryption Standard) or DESede, which are known to be vulnerable to various types of attacks.
Using weak or deprecated encryption algorithms can lead to serious security breaches, including unauthorized access to sensitive data. Strong cryptography is essential in today’s digital world where data breaches are becoming increasingly common and sophisticated.
How to remediate
Always use strong and up-to-date cryptographic algorithms in your Java code. For instance, instead of ‘DES’, use stronger algorithms like ‘AES’ (Advanced Encryption Standard) with a key size of at least 128 bits. So, instead of javax.crypto.Cipher.getInstance("DES/CBC/PKCS5Padding") or Cipher.getInstance("DES"), you should use something like Cipher.getInstance("AES/CBC/PKCS5Padding") or Cipher.getInstance("AES"). Regularly updating your knowledge about the latest cryptographic standards can also help in maintaining the security of your application.
classFoo{publicvoidbar()throwsException{// Safe: using strong AES encryption instead of weak DESjavax.crypto.Cipherc=javax.crypto.Cipher.getInstance("AES/CBC/PKCS5Padding");Cipher.getInstance("AES");}}
1
2
rulesets:- java-security # Rules to enforce Java security.
Request a personalized demo
Commencer avec Datadog
Datadog Docs AIYour use of this AI-powered assistant is subject to our Privacy Policy. Please do not submit sensitive or personal information.
