To help you make the Process Commander applications that you build more secure, you can activate and run the Rule Security Analyzer. This tool searches through rules to find specific JavaScript or SQL coding patterns that may indicate a security vulnerability.
The Rule Security Analyzer is implemented by adding the Pega-SecurityVA RuleSet to your application. To access the tool, select > Org and Security > Tools > Security > Rule Security Analyzer.
You can supplement the Pega-supplied regular expressions with additional regular expressions that you create as Regular Expression rules. V6.1SP2
For an overview of this diagnostic tool, instructions on running it and interpreting its results, see the Pega Developer Network.
The Pega-SecurityVA RuleSet also contains the URL Search Utility (Data-SecurityVAUtility.JSSearchUtility), which locates Java constructs that are dynamically generating clear-text query strings. For security reasons, obfuscate such query strings, to prevent unauthorized access to URL contents. Apply the Process Commander SafeURL JavaScript package to these constructs so that the queries are obfuscated. Contact Global Customer Support for more information.
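The following sketch is an added example, not Pega code, showing how a regular-expression scan over rule text works and how a supplemental expression extends a base set. The patterns, rule names and rule contents are constructed for illustration and are not the expressions shipped in Pega-SecurityVA.

```python
import re

# Illustrative base patterns (assumptions, not the Pega-supplied expressions).
BASE_PATTERNS = {
    "js-eval": re.compile(r"\beval\s*\("),
    # A quoted SQL fragment that is immediately concatenated with something else.
    "sql-concat": re.compile(
        r"""["'][^"']*\b(?:select|insert|update|delete)\b[^"']*["']\s*\+""", re.I),
}

# A supplemental expression a team might add: JavaScript that builds a
# clear-text query string by concatenation ("...?name=" + value).
SUPPLEMENTAL = {
    "cleartext-query": re.compile(r"""["'][^"']*\?[\w.-]+=[^"']*["']\s*\+"""),
}

def scan_rules(rules, patterns):
    """Return sorted (rule_name, line_no, pattern_name) for every match."""
    findings = []
    for rule_name, source in rules.items():
        for line_no, line in enumerate(source.splitlines(), start=1):
            for pattern_name, regex in patterns.items():
                if regex.search(line):
                    findings.append((rule_name, line_no, pattern_name))
    return sorted(findings)

# Constructed sample rule sources (hypothetical names and content).
SAMPLE_RULES = {
    "OrderSummary.html": (
        "var target = 'Orders?customerId=' + custId;\n"
        "window.open(target);\n"
        "var cfg = eval('(' + response + ')');\n"
    ),
    "LookupCustomer.sql": (
        'query = "SELECT name FROM customers WHERE id = " + id;\n'
        'safe = "SELECT name FROM customers WHERE id = ?";\n'
    ),
}

if __name__ == "__main__":
    for finding in scan_rules(SAMPLE_RULES, {**BASE_PATTERNS, **SUPPLEMENTAL}):
        print("%s:%d matches %s" % finding)
```

A match is only a lead for review: the parameterized query on the second line of the SQL sample is not flagged, while the concatenated one is.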
regular expression
About Regular Expression rules