Build and Deployment -> Deployment: Environment depending configuration parameters (secrets)
Risk and Opportunity
Risk: Attackers who compromise a system can see confidential access information like database credentials. Parameters are often used to set credentials, for example when starting containers or applications; these parameters can often be seen by anyone listing running processes on the target system.
Opportunity: Configuration parameters are set for each environment, not in the source code.
By using encryption, it is harder to read credentials, e.g. from the file system. Also, the usage of a credential management system can help protect credentials.
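A defender-side check for the risk described above, as an added example that is not part of the original page: it reads each process's command line from /proc on Linux and reports the names of parameters that carry a credential inline. The name-matching pattern, the sample command lines and the `./app` flags are assumptions made for illustration.

```python
import os
import re

# Assumed naming heuristic for credential-bearing parameters; tune for your stack.
SECRET_NAME = re.compile(r"(?i)(password|passwd|secret|token|api[_-]?key)")

def exposed_params(argv):
    """Return names of argv entries that carry a secret value inline.

    Only the parameter name is returned, never the value, so the report
    itself does not become another place where the credential leaks.
    """
    names = []
    for i, arg in enumerate(argv):
        name, sep, value = arg.partition("=")
        # A reference to a secret file (e.g. --db-password-file=...) is not a leak.
        if not SECRET_NAME.search(name) or name.lower().endswith(("file", "path")):
            continue
        follows = i + 1 < len(argv) and not argv[i + 1].startswith("-")
        if (sep and value) or (not sep and name.startswith("-") and follows):
            names.append(name)
    return names

def scan_proc(proc_root="/proc"):
    """Map pid -> exposed parameter names for every readable process (Linux)."""
    findings = {}
    if not os.path.isdir(proc_root):
        return findings
    for entry in filter(str.isdigit, os.listdir(proc_root)):
        try:
            with open(os.path.join(proc_root, entry, "cmdline"), "rb") as fh:
                raw = fh.read()
        except OSError:
            continue  # process exited or is not readable
        argv = [a.decode("utf-8", "replace") for a in raw.split(b"\0") if a]
        if names := exposed_params(argv):
            findings[int(entry)] = names
    return findings

# Constructed sample command lines; "./app" and its flags are hypothetical.
SAMPLE = [
    ["docker", "run", "-e", "DB_PASSWORD=example-only", "app:latest"],
    ["java", "-Dspring.datasource.password=example-only", "-jar", "app.jar"],
    ["./app", "--api-token", "example-only"],
    ["./app", "--db-password-file=/run/secrets/db_password"],
]

if __name__ == "__main__":
    for argv in SAMPLE:
        print(argv[0], "->", exposed_params(argv) or "ok")
    print("live processes:", scan_proc())
```

The last sample line shows the pattern that passes the check: the process receives only a path to a secret file, so the credential never appears in the process list.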
Usefulness and Requirements of this Activity
Required knowledge: Low (one discipline)
Required time: Low
Required resources (systems): Very Low
OWASP SAMM VERSION 2