rspec/rules/S6308/elasticsearch_see.adoc

== See

* https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/encryption-at-rest.html[AWS Documentation] - Encryption of data at rest for Amazon Elasticsearch Service
* CWE - https://cwe.mitre.org/data/definitions/311[CWE-311 - Missing Encryption of Sensitive Data]
* STIG Viewer - https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222588[Application Security and Development: V-222588] - The application must implement approved cryptographic mechanisms to prevent unauthorized modification of information at rest.
Create rule S6308: Using unencrypted Elasticsearch domains is security-sensitive (#174) 2021-09-07 14:12:58 +02:00			`== See`

Create rule S6308: Using unencrypted Elasticsearch domains is security-sensitive (APPSEC-107) (#1236) 2022-09-14 14:49:32 +02:00			`* https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/encryption-at-rest.html[AWS Documentation] - Encryption of data at rest for Amazon Elasticsearch Service`
Modify CWE and OWASP Top 10 links to follow standard link format (APPSEC-1134) (#3529) * Fix all CWE references * Fix all OWASP references * Fix missing CWE prefixes 2024-01-15 17:15:56 +01:00			`* CWE - https://cwe.mitre.org/data/definitions/311[CWE-311 - Missing Encryption of Sensitive Data]`
Modify rules: Add STIG AS&D 2023-06-08 mappings (#3914) * Update JSON schema to include STIG ASD 2023-06-08 mapping * Update rules to add STIG metadata mappings --------- Co-authored-by: Loris Sierra <loris.sierra@sonarsource.com> 2024-05-06 07:56:31 +01:00			`* STIG Viewer - https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222588[Application Security and Development: V-222588] - The application must implement approved cryptographic mechanisms to prevent unauthorized modification of information at rest.`