Application Developer Guidance

From attackics
Jump to navigation Jump to search
Application Developer Guidance
Mitigation
ID M0913
NIST SP 800-53 Rev. 4 AT-3

Description

This mitigation describes any guidance or training given to developers of applications to avoid introducing security weaknesses that an adversary may be able to take advantage of.


Techniques Addressed by Mitigation

NameUse
Valid AccountsEnsure that applications and devices do not store sensitive data or credentials insecurely (e.g., plaintext credentials in code, published credentials in repositories, or credentials in public cloud storage).1


References

  1. ^  CISA. (2013, June). Risks of Default Passwords on the Internet. Retrieved September 25, 2020.

Retrieved from "https://collaborate.mitre.org/attackics/index.php?title=Mitigation/M0913&oldid=9008"