Build and Deployment -> Deployment: Handover of confidential parameters
Risk and Opportunity
Risk: Attackers who compromise a system can see confidential access information like database credentials. Parameters are often used to set credentials, for example by starting containers or applications. These parameters can often be seen by any one listing running processes on the target system.
Opportunity: By using encryption, it is harder to read credentials , e.g. from the file system. Also, the usage of a credential management system can help protect credentials.
Required knowledge: Low (one discipline)
Required time: Low
Required resources (systems): Very Low
Dependencies: Environment depending configuration parameters
OWASP SAMM 1 Mapping: SA2-A
OWASP SAMM 2 Mapping: i-secure-deployment|B|2 TODO might be 1