| 1.1 |
DESKTOP-1-L2-QAS |
Ensure that each endpoint is tested using the Web Security Checklist. |
|
Critical |
| 1.2 |
DESKTOP-2-L2-QAS |
Ensure the application neither stores nor exposes secrets in configuration files, logs, memory, registry, during installation, update or uninstallation. |
|
High |
| 1.3 |
DESKTOP-3-L2-AS |
Ensure that all DLL files are signed to prevent DLL Hijacking attacks and safeguard against any potential tampering by users within the DLL library. |
|
High |
| 1.4 |
DESKTOP-4-L1-QA |
Ensure all data (including during installation, update and delete) is transmitted through secure communication channels. |
|
High |
| 1.5 |
DESKTOP-5-L2-QAS |
Ensure that the program installer has a digital signature. |
|
Medium |
| 1.6 |
DESKTOP-6-L1-QAS |
Ensure there are no weak file/folder permissions according to user role, there is a principle of least privilege (applies if the user has no admin privileges on the system). |
|
Medium |
| 1.7 |
DESKTOP-7-L1-QA |
Ensure that sensitive information like passwords, tokens, credit cards, etc., is not fully displayed in the UI. |
|
Medium |
| 1.8 |
DESKTOP-8-L2-AS |
Ensure sensitive data stored (local data caching) is properly encrypted or anonymized, preventing unauthorized access even if someone gains control of the workstation. |
|
Medium |
| 1.9 |
DESKTOP-9-L2-AS |
Ensure that Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) are enabled for the program files. |
|
Low |
| 1.10 |
DESKTOP-10-L1-QAS |
Ensure that upon uninstallation of an application, all associated data (files/services/certificates/firewall rules/registry entries) is completely removed from the system. |
|
Low |
| 1.11 |
DESKTOP-11-L2-QAS |
Ensure that program code is obfuscated and obfuscation prevents unauthorized parties from accessing the application logic and source code. |
|
Low |