studio

2024.10

true

Release Notes
- 2024.10.1
- 2024.10.5
- 2024.10.6
Getting Started
- Introduction
- The User Interface
- Keyboard Shortcut
- Signing in to Your Account
- Configuring Studio Settings
- Project Templates
- Creating a Basic Process
- Creating a Basic Library
- Tutorials
Setup and Configuration
- Hardware and Software Requirements
- Install Studio
- Activate Studio
  - About Licensing
- Update Studio
- Command Line Parameters
- Supported Applications and Technologies
- Enabling Gmail for Email Activities
- Opting Out of Telemetry
- Studio Executables
Automation Projects
- About Automation Projects
  - About the Windows - Legacy Compatibility
  - About the Project.Json File
- About Publishing Automation Projects
- About Libraries
  - Loading Web Services in Libraries
  - Activities Generated from Web Services
- Designing Automations
- Managing activity packages
- Configuring Activity Project Settings
- Signing Packages
- Governance
- Importing Entities
- Modern Design Experience
- Linking a Project to an Idea in Automation Hub
- Using the Data Manager
Dependencies
- About Dependencies
- Managing Dependencies
- Project Dependencies Mass Update
  - Mass Update Command Line Parameters
- Missing or Invalid Activities
Types of Workflows
- Sequences
- Flowcharts
- State Machines
- Forms
- Workflow From a Template
- Coded Workflow
- Coded Test Case
- Code Source File
- Global Exception Handler
Control Flow
- About Control Flow
- Control Flow Activities
File Comparison
- About File Comparison
- Comparing Files
Automation Best Practices
- Workflow Design
- UI Automation
- Project Organization
- Automation Lifecycle
- Methodology for reusing UI components
Source Control Integration
- About Version Control
- Managing Projects With GIT
- Managing Projects With TFS
- Managing Projects With SVN
- Workflow Diff
Debugging
- About Debugging
Logging
- Studio Logs
- Setup Logs
- OCR Diagnostic Logs
- Logging Levels
- Types of Logs
- Protecting Sensitive Information
The Diagnostic Tool
- About The Diagnostic Tool
Workflow Analyzer
- About Workflow Analyzer
- Naming Rules
- Design Best Practices
- Project Anatomy Rules
- Maintainability and Readability Rules
- Usage Rules
- Performance and Reusability Rules
  - ST-PRR-004 - Hardcoded Delay Activity
- Reliability Rules
  - ST-REL-001 - Mismatched argument types
  - ST-REL-006 - Infinite Loop
- Security Rules
  - ST-SEC-007 - SecureString Argument Usage
  - ST-SEC-008 - SecureString Variable Usage
  - ST-SEC-009 - SecureString Misusage
- Project Migration Rules
  - ST-PMG-001 - Identify Activities with Duplicate IDs
  - ST-PMG-002 - Identify Expressions that Are Incompatible with Windows Projects
Variables
- Managing Variables
- The Variables Panel
- Types of Variables
  - Data Table Variables
- UiPath Proprietary Variables
Arguments
- Managing Arguments
- The Arguments Panel
- Using Arguments
Imported Namespaces
- About Imported Namespaces
- Managing Namespaces
Coded automations
- Introduction
- Getting started
- Quickstart guide
  - Creating your first coded test case
- Registering custom services
- Before and After contexts
- Generating code
- Generating coded test case from manual test cases
- Tutorials
Trigger-based Attended Automation
- Trigger-based attended automation
- Overview
- Tutorials
Recording
- About Recording
- Recording Types
- Automatic Recording
- Example of Automatic Recording With Basic and Desktop
- Example of Automatic Recording With Web
- Manual Recording
UI Elements
- About UI Elements
- UI Activities Properties
- Input methods
  - Chromium API
- Example of Using Input Methods
- Output or Screen Scraping Methods
- Examples of Using Output or Screen Scraping Methods
- Generating Tables From Unstructured Data
- Relative Scraping
Selectors
- About Selectors
- UI Explorer
- Selectors With Wildcards
- Full versus partial selectors
- Dynamic Selectors
- Fuzzy Search
- RegEx Search
- Non-greedy search
- Case-sensitive selectors
Object Repository
- About Object Repository
- Creating an Object Repository
- Reusing objects and UI libraries
- Synchronize Object Repository tool
Data Scraping
- About Data Scraping
- Example of Using Data Scraping
Image and Text Automation
- About Image and Text Automation
- Mouse and Keyboard Activities
- Example of Using Mouse and Keyboard Automation
- Text Activities
- Example of Using Text Automation
- OCR Activities
- Installing OCR Languages
  - Installing an OCR Engine and Changing the Language
- Image Activities
- Example of Using OCR and Image Automation
Citrix Technologies Automation
- About Citrix technologies automation
- Configuration steps
- Example of automating a Citrix App
- Known issues and limitations
RDP Automation
- About Native RDP Automation
- Configuration Steps
- How Native RDP Automation Works
- Example of RDP Automation
- Known Issues and Limitations
VMware Horizon Automation
- About VMware Horizon Automation
- Configuration Steps
Salesforce Automation
- About Salesforce Automation
- Support for Salesforce Lightning Interface
SAP Automation
- SAP WinGUI
- SAP Fiori
- SAP WebGUI
macOS UI Automation
- About macOS UI Automation
- Configuration steps
The ScreenScrapeJavaSupport Tool
- About the ScreenScrapeJavaSupport Tool
- Argument Descriptions for the ScreenScrapeJavaSupport Tool
The WebDriver Protocol
- About the WebDriver Protocol
- Configuration Steps
- Known Issues and Limitations
Extensions
- About extensions
- SetupExtensions tool
- UiPath Remote Runtime
  - How to
    - Configure a multi-hop connection
  - Troubleshooting
- Extension for Chrome
- Extension for Edge
- Extension for Firefox
  - Troubleshooting
- Extension for Safari
- Extension for Java
  - Installing the extension on macOS
  - Troubleshooting
- Extension for Silverlight
  - Troubleshooting
- Extension for Citrix
  - Troubleshooting
- Extension for Microsoft Remote Desktop and Apps
  - Troubleshooting
- Extension for VMware Horizon
- Extension for Amazon WorkSpaces
- SAP Solution Manager plugin
- Excel Add-in
Test Suite - Studio
- Introduction
- Application Testing
- Testing project templates
  - Test Automation Framework
- Test Cases
  - Working with manual test cases
- Data-Driven Testing
- RPA Testing
  - About the testCases.json file
- Execution Templates
- Test Case Templates
  - Built-in Templates
    - Local File Templates
    - Package-file Templates
- Test Explorer
- Mock Testing
- API Test Automation
Troubleshooting
- About troubleshooting
- Microsoft App-V support and limitations
- Internet Explorer X64 troubleshooting
- Microsoft Office issues
- Identifying UI elements in PDF with Accessibility options
- Repairing Active Accessibility support
- JxBrowser applications troubleshooting
  - User Events Monitoring
- Application access errors
- Validation of large Windows-legacy projects takes longer than expected

Studio User Guide

Last updated Nov 18, 2024

ST-SEC-009 - SecureString Misusage

Rule ID: ST-SEC-009

Scope: Workflow

Description

This rule checks whether the SecureString type is misused in the workflow. This string type is used when avoiding to store potentially sensitive strings as plain text. If certain activities accept sensitive information as input but do not support the SecureString type, you can exclude them from this rule.

Recommendation

The SecureString type should not be used for any purpose other than the intended one. Therefore, attempting to cast SecureString to String may be viewed as a security risk.

According to the official Microsoft documentation, if a String object contains any sensitive information, it raises the risk of the data being revealed after it is used.

In addition, the scope of SecureString type variables should be very limited, ideally in the same scope where they were created.

Modifying the Rule

In the Project Settings window, select the Workflow Analyzer tab. Find and select the rule.

You can exclude activities that do not support the SecureString type by adding their namespaces separated by a comma in the Excluded Activities field.

Reset to Default

To reset the value to default, right-click the rule in the Project Settings window, and then click Reset to default.

On this page

Description
Recommendation
Modifying the Rule
Reset to Default

Was this page helpful?

PREVIOUSST-SEC-008 - SecureString Variable Usage

NEXTProject Migration Rules

Support and Services

Get The Help You Need

Learning RPA - Automation Courses

UiPath Community Forum

Trust and Security

© 2005-2024 UiPath. All rights reserved.