Protecting Sensitive Data with Veracode's Static Application Security (SSA) Filters
Using Veracode’s SSA Filters for Sensitive Data Protection
Veracode is a well-known static application security testing (SAST) tool that helps developers identify vulnerabilities in their code. One of the key features of Veracode is its ability to use filters to focus on specific areas of concern, such as sensitive data protection.
In this article, we’ll explore how to use Veracode’s SSA filters to identify and protect sensitive data in your applications.
What are SSA Filters?
SSA filters are a powerful feature in Veracode that allow you to specify criteria for which code to analyze. By using filters, you can target specific areas of your application’s codebase and focus on the most critical issues first.
For sensitive data protection, you can use SSA filters to identify potential vulnerabilities related to:
- Data storage: Is sensitive data being stored in a secure manner?
- Data transmission: Is sensitive data being transmitted over insecure channels?
- Data processing: Is sensitive data being processed in a way that could compromise its security?
Creating an SSA Filter for Sensitive Data Protection
To create an SSA filter for sensitive data protection, follow these steps:
- Log in to your Veracode account and navigate to the Filters page.
- Click on Create Filter and choose SSA Filter as the filter type.
- In the filter configuration page, select the criteria you want to use for filtering:
  - Data storage: Select the types of sensitive data you want to protect (e.g., credit card numbers, social security numbers).
  - Data transmission: Choose the protocols or channels you want to focus on (e.g., HTTP, FTP).
  - Data processing: Specify the types of operations that could compromise sensitive data (e.g., encryption, decryption).
- Configure any additional filter settings as needed.
- Save your SSA filter and use it in Veracode’s analysis process.
Conclusion
Veracode’s SSA filters are a powerful tool for identifying and protecting sensitive data in your applications. By using these filters, you can focus on the most critical issues related to sensitive data protection and ensure that your application is secure and compliant with relevant regulations.