LAB 220 - Defending Against Hard-Coded Secrets

Course Overview

Inclusion of Sensitive Information in source code comments is a type of vulnerability that allows malicious actors who are able to view the source code to recover that sensitive information, such as credentials or information about the infrastructure, and leverage it for attacks. This lab involves mitigating the issue in vulnerable code that contains authentication credentials.

In this lab, the learner will use an IDE to fix a Hard-coded Secret vulnerability in the code of a static web page without making any unnecessary changes to the code or the system.

Looking To Learn More?

Request more information on our courses and labs.

Course Details

Course Number: LAB 220

Course Duration: 5 minutes

Course CPE Credits: 0.25

NICE Specialty Areas

Risk Management (RSK)
Software Development (DEV)

Platform

Standard

CWE
OWASP ASVS
OWASP Web

Type

Skill Labs

Foreign Languages Available:

English