Leakage of sensitive data to Open Telemetry

Description

Leaking sensitive data to third-party loggers is a common cause of data leaks and can lead to data breaches. This rule looks for instances of sensitive data sent to Open Telemetry.

Remediations

When logging errors or events, ensure all sensitive data is removed.

Resources

Associated CWE

OWASP Top 10

Configuration

To skip this rule during a scan, use the following flag

bearer scan /path/to/your-project/ --skip-rule=php_third_parties_open_telemetry

To run only this rule during a scan, use the following flag

bearer scan /path/to/your-project/ --only-rule=php_third_parties_open_telemetry

Ready to take the next step? Learn more about Bearer Cloud.