creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-13 22:54:53 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/implementing-semgrep-for-custom-sast-rules/references/standards.md
T

1.1 KiB
Raw Blame History

Standards - Semgrep Custom SAST Rules

OWASP Top 10 (2021) Coverage

Category Semgrep Detection
A01 Broken Access Control Authorization bypass patterns
A02 Cryptographic Failures Weak crypto, hardcoded secrets
A03 Injection SQL, XSS, command injection (taint mode)
A04 Insecure Design Missing input validation
A05 Security Misconfiguration Debug mode, insecure defaults
A06 Vulnerable Components Deprecated API usage
A07 Auth Failures JWT misconfig, session issues
A08 Software/Data Integrity Deserialization, unsigned data
A09 Logging Failures Missing audit logging
A10 SSRF Server-side request forgery (taint mode)

CWE Coverage

Common CWEs detectable via Semgrep custom rules: CWE-79 (XSS), CWE-89 (SQLi), CWE-798 (Hardcoded Credentials), CWE-330 (Insecure Random), CWE-502 (Deserialization), CWE-918 (SSRF)

NIST SP 800-53 Rev 5

  • SA-11: Developer Security Testing
  • SA-15: Development Process, Standards, and Tools

Compliance

  • PCI DSS v4.0 Req 6.3.2: Secure development with automated tools
  • SOC 2 CC8.1: Change management with code scanning
Reference in New Issue View Git Blame Copy Permalink