Fork me on GitHub

Build and Deployment -> Deployment: Usage of feature toggles

Risk and Opportunity

Risk: By using environment dependent configuration, some parameters will not be tested correctly. i.e.
if (host == 'production') {} else {}
Opportunity: Usage of environment independent configuration parameter, called feature toggles, helps to enhance the test coverage. Only what has been tested, goes to production.

Exploit details

Usefullness: Low
Required knowledge: Low (one discipline)
Required time: Very Low
Required resources (systems): Very Low

Additional Information

Dependencies: Same artifact for environments
Implementation hints: Docker
OWASP SAMM 1 Mapping: EG1-B
ISO27001:2017 Controls Mapping: