Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Save $650 on Qlik Connect, Dec 1 - 7, our lowest price of the year. Register with code CYBERWEEK: Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Anonymous
Not applicable
‎2016-05-24 02:00 PM

Security concerns with the java code that Talend creates

I have generated multiple ETL jobs to move data from one database to another and ran a couple scans on the code that was created.  The scans found many security flaws when scanning based on the Security Technical Implementation Guide (STIG).  Does Talend support this security guide and does Talend update their software when security concerns are found?

Labels (2)
Labels
223 Views
0 Likes
1 Reply
Anonymous
Not applicable
‎2016-05-24 06:51 PM
Author

I would say, STIG cannot be applied to generated code without any user interaction. Of course nobody e.g. would write SQL code with direct inline values but this code cannot misused because the purpose of the jobs are batch processing and this is not affected by the attempt of users to cheat the system. 
By the way, the database output components uses always prepared statements and therefore secure.
223 Views
0 Likes