Secrets Management

Secrets Management #

TLDR: Build and runtime secrets are stored securely and documented appropriately
Rationale: Leaked secrets such as api keys, cryptography keys, identity tokens are a common attack scenario.

Background #

Secrets must be stored in a secure way, and a documented in a central place. Cryptographic failures are the second highest risk in the OWASP top ten so rigor and process is essential.

Change Records

© Kosli 2023, all rights reserved
CCPA Do not sell my info