Cloud Wars
  • Home
  • Top 10
  • CW Minute
  • CW Podcast
  • Categories
    • AI and Copilots
    • Innovation & Leadership
    • Cybersecurity
    • Data
  • Member Resources
    • Cloud Wars AI Agent
    • Digital Summits
    • Guidebooks
    • Reports
  • About Us
    • Our Story
    • Tech Analysts
    • Marketing Services
  • Summit NA
  • Dynamics Communities
  • Ask Copilot
Twitter Instagram
  • Summit NA
  • Dynamics Communities
  • AI Copilot Summit NA
  • Ask Cloud Wars
Twitter LinkedIn
Cloud Wars
  • Home
  • Top 10
  • CW Minute
  • CW Podcast
  • Categories
    • AI and CopilotsWelcome to the Acceleration Economy AI Index, a weekly segment where we cover the most important recent news in AI innovation, funding, and solutions in under 10 minutes. Our goal is to get you up to speed – the same speed AI innovation is taking place nowadays – and prepare you for that upcoming customer call, board meeting, or conversation with your colleague.
    • Innovation & Leadership
    • CybersecurityThe practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks.
    • Data
  • Member Resources
    • Cloud Wars AI Agent
    • Digital Summits
    • Guidebooks
    • Reports
  • About Us
    • Our Story
    • Tech Analysts
    • Marketing Services
    • Login / Register
Cloud Wars
    • Login / Register
Home » How to Address the Risks of Hard-Coded Secrets in Software Development
Cybersecurity Minute

How to Address the Risks of Hard-Coded Secrets in Software Development

Robert WoodBy Robert WoodJune 29, 2023Updated:June 29, 20232 Mins Read
Facebook Twitter LinkedIn Email
To adjust the volume hover the cursor over the volume bar
Share
Facebook Twitter LinkedIn Email
Acceleration Economy Cybersecurity

In episode 104 of the Cybersecurity Minute, Rob Wood builds on one of his recent analyses by explaining how to handle hard-coded secrets.

This episode is sponsored by “Selling to the New Executive Buying Committee,” an Acceleration Economy Course designed to help vendors, partners, and buyers understand the shifting sands of how mid-market and enterprise CXOs are making purchase decisions to modernize technology.

Highlights

00:40 — Hard-coded secrets have been a hot topic since the software development boom, with cloud services taking off. Now, as more code is open source, disclosures are being made into the public arena that could be damaging.

Which companies are the most important vendors in cybersecurity? Check out
the Acceleration Economy Cybersecurity
Top 10 Shortlist
.

01:19 —You might have an application programming interface (API) token or a special URL that lets you access back-end functionality. It might be another credential, database, connection, or string. You don’t want to see that kind of information leaked.

01:36 — It’s important to get some kind of technology, step, or stage in place in your continuous integration/continuous deployment (CI/CD) pipeline to test for that kind of thing before your code gets merged. But if you have one of those leaks and don’t rotate the secret, it will still be in version control.

Insights into the Why & How to Secure SaaS Applications_featured
Guidebook: Secure SaaS Applications

02:12 — You have to close the loop so that even if somebody goes back in the version history and finds it, they won’t be able to take advantage of it. Just cleaning up the mess from the point that it was identified onward does not actually address the root of the issue.


for more cybersecurity insights, visit the cybersecurity channel

API database featured Open-Source Software security software development
Share. Facebook Twitter LinkedIn Email
Robert Wood

Robert Wood is an Acceleration Economy Analyst focusing on Cybersecurity. He has led the development of multiple cybersecurity programs from the ground up at startups across the healthcare, cyber security, and digital marketing industries. Between experience with startups and application security consulting he has both leadership and hands on experience across technical domains such as the cloud, containers, DevSecOps, quantitative risk assessments, and more. Robert has a deep interest in the soft skills side of cybersecurity leadership, workforce development, communication and budget and strategy alignment. He is currently a Federal Civilian for an Executive Branch Agency and his views are his own, not representing that of the U.S. Government or any agency.

Related Posts

Microsoft Adopts A2A Protocol, Agentic AI Era Begins

May 9, 2025

AI Agent & Copilot Podcast: Finastra Chief AI Officer Lays Out Range of Use Cases, Microsoft Collaboration

May 9, 2025

IBM Launches Microsoft Practice to Accelerate AI, Cloud, and Security Transformation

May 9, 2025

AI Agent & Copilot Podcast: JP Morgan Chase CISO Publicly Pushes for Stronger Security Controls

May 8, 2025
Add A Comment

Comments are closed.

Recent Posts
  • Microsoft Adopts A2A Protocol, Agentic AI Era Begins
  • AI Agent & Copilot Podcast: Finastra Chief AI Officer Lays Out Range of Use Cases, Microsoft Collaboration
  • IBM Launches Microsoft Practice to Accelerate AI, Cloud, and Security Transformation
  • AI Agent & Copilot Podcast: JP Morgan Chase CISO Publicly Pushes for Stronger Security Controls
  • ServiceNow Re-Invents CRM for End-to-End Enterprise

  • Ask Cloud Wars AI Agent
  • Tech Guidebooks
  • Industry Reports
  • Newsletters

Join Today

Most Popular Guidebooks

Accelerating GenAI Impact: From POC to Production Success

November 1, 2024

ExFlow from SignUp Software: Streamlining Dynamics 365 Finance & Operations and Business Central with AP Automation

September 10, 2024

Delivering on the Promise of Multicloud | How to Realize Multicloud’s Full Potential While Addressing Challenges

July 19, 2024

Zero Trust Network Access | A CISO Guidebook

February 1, 2024

Advertisement
Cloud Wars
Twitter LinkedIn
  • Home
  • About Us
  • Privacy Policy
  • Get In Touch
  • Marketing Services
  • Do not sell my information
© 2025 Cloud Wars.

Type above and press Enter to search. Press Esc to cancel.

  • Login
Forgot Password?
Lost your password? Please enter your username or email address. You will receive a link to create a new password via email.