Skip to content

Commit

Permalink
Security Controls Action Documentation
Browse files Browse the repository at this point in the history
  • Loading branch information
ammentorp committed Dec 13, 2024

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
1 parent 6af9a65 commit 280549f
Showing 1 changed file with 20 additions and 0 deletions.
20 changes: 20 additions & 0 deletions docs/actions/security-controls.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
# Semantic Conventions for `security-control` Actions

Used when span name is `security-control`.

<!-- semconv contrast.action.span.security-control(full) -->
| Attribute | Type | Description | Examples | Requirement Level |
|---------------------------|---|--------------------------------------------------------------|-----------------------------------------|-------------------|
| `security.control.method` | string | The method of the custom security control. | `com.Acme.OldSecurity.DoLegacySecurity` | Required |
| `security.control.name` | string | The name of the custom security control. | `My Custom Security Control ` | Optional |
| `security.control.rules` | string | The rules applicable to the custom security control. | `reflected-xss`; `path-traversal` | Recommended |
| `security.control.type` | string | The custom security control type. | `sanitizer`; `validator` | Optional |

`security.control.type` MUST be one of the following:

| Value | Description |
|---------------------|-----------------|
| `sanitizer` | Sanitizer |
| `input-validator` | Input Validator |
| `regex-validator` | Regex Validator |
<!-- endsemconv -->

0 comments on commit 280549f

Please sign in to comment.