Fork me on GitHub

Build and Deployment -> Deployment: Usage of feature toggles

Risk and Opportunity

Risk: By using environment dependent configuration, some parameters will not be tested correctly. i.e.
if (host == 'production') {} else {}
Opportunity: Usage of environment independend configration parameter, called feature toggles, helps to enhance the test coverage.

Exploit details

Usefullness: Low
Required knowledge: Low (one discipline)
Required time: Very Low
Required resources (systems): Very Low

Additional Information

Dependencies: Same artefact for environments
Implementation hints: Docker
OWASP SAMM 1 Mapping: EG1-B
OWASP SAMM 2 Mapping: TODO