• Online, Self-Paced
Course Description

Inclusion of Sensitive Information in source code comments is a type of vulnerability that allows malicious actors who are able to view the source code to recover that sensitive information, such as credentials or information about the infrastructure, and leverage it for attacks. This lab involves mitigating the issue in vulnerable code that contains authentication credentials.

Learning Objectives

On successful completion of this course, learners should have the knowledge and skills required to:

  • Find and fix the vulnerable block of code and fix it using the appropriate industry best practices without making any unnecessary changes to the code or the system
  • Apply industry best practices to mitigate the use of hard-coded secrets

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Risk Management
  • Software Development