Fork me on GitHub

Build and Deployment -> Deployment: Environment depending configuration parameters (secrets)

Risk and Opportunity

Risk: Attackers who compromise a system can see confidential access information like database credentials.\ Parameters are often used to set credentials, for example by starting containers or applications; these parameters can often be seen by any one listing running processes on the target system.
Opportunity: Configuration parameters are set for each environment not in the source code. By using encryption, it is harder to read credentials , e.g. from the file system. Also, the usage of a credential management system can help protect credentials.

Additional Information

Usefulness and Requirements of this Activity

Usefullness: High
Required knowledge: Low (one discipline)
Required time: Low
Required resources (systems): Very Low


ISO27001 2017