{"title":"The nightmare of hard-coded credentials","authors":"Thomas Segura","doi":"10.12968/s1353-4858(23)70010-x","DOIUrl":null,"url":null,"abstract":"With increasing threats from cybercrime and state-sponsored actors around the world, companies need to focus their defence resources on elements that can most cost-effectively reduce their security debt and advance their DevSecOps maturity. Detecting hard-coded secrets in source code is a preventive tactic that greatly increases the cost to the attacker by removing the low-hanging fruits first. But this requires a strategic approach to preserve application security teams’ operational capacity.","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"216 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2023-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Network Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.12968/s1353-4858(23)70010-x","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
With increasing threats from cybercrime and state-sponsored actors around the world, companies need to focus their defence resources on elements that can most cost-effectively reduce their security debt and advance their DevSecOps maturity. Detecting hard-coded secrets in source code is a preventive tactic that greatly increases the cost to the attacker by removing the low-hanging fruits first. But this requires a strategic approach to preserve application security teams’ operational capacity.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
