Skip to main content

Overview

Security rules define the code vulnerabilities Cysmiq can detect. This page shows coverage by impact category and language. Secrets scanning is documented separately in Secrets.

Impact coverage by language

ImpactJavaScriptTypeScriptPythonJavaKotlinGoElixirRubyPHPC#
Execute CommandsYesYesYesYesYesYesYesYesYesYes
Takeover Accounts---YesYes---YesYes
Gain AccessYesYesYesYesYesYes--YesYes
Access DataYesYesYesYesYesYesYesYesYesYes
Access FilesYesYesYesYesYesYesYesYesYesYes
Intercept TrafficYesYesYesYesYesYesYes-YesYes
Insufficient Data ProtectionYesYesYesYesYesYes--YesYes
Bypass Cryptographic ControlsYesYes-YesYesYes---Yes
Facilitate Client-side AttacksYesYesYesYesYesYesYesYesYesYes
Access Application State----YesYes--YesYes
Evade Detection---YesYes-----
Degrade PerformanceYesYes---YesYes---
  • Yes means at least one rule maps to the impact for that language
  • - means no current coverage
  • Coverage includes core language rules plus all library rule packs
  • Obtain Secrets is covered by secrets scanning and omitted here
  • See Impacts for CWE mappings

Library rule packs

Library rule packs add coverage for specific frameworks and libraries beyond core language rules.