Vulnerable Code
https://github.com/Seagate/TCGstorageAPI/blob/e13727ffc710fb2c39a3448b30cf0a9ae03d37c6/sed_cli/keymanager/keymanager_vault.py#L94
Secure Code Warrior Training Material
● Training
▪ [Secure Code Warrior Hardcoded Password/Credentials Training](https://portal.securecodewarrior.com/?utm_source=partner-integration:mend&partner_id=mend#/contextual-microlearning/web/infoexposure/sensitiveinfo/python/vanilla)
● Videos
▪ [Secure Code Warrior Hardcoded Password/Credentials Video](https://media.securecodewarrior.com/v2/module_57_sensitive_data_exposure.mp4)
● Further Reading
▪ [OWASP Top Ten 2017 A3: Sensitive Data Exposure](https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure)
▪ [OWASP Top Ten Proactive Controls 2018 C8: Protect Data Everywhere](https://owasp.org/www-project-proactive-controls/v3/en/c8-protect-data-everywhere)
▪ [OWASP Top Ten 2021 A02: Cryptographic Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures/)
Code Security Report
Scan Metadata
Latest Scan: 2024-08-22 10:34pm Total Findings: 1 | New Findings: 0 | Resolved Findings: 0 Tested Project Files: 25 Detected Programming Languages: 2 (C/C++ (Beta), Python)
Finding Details
Vulnerable Code
https://github.com/Seagate/TCGstorageAPI/blob/e13727ffc710fb2c39a3448b30cf0a9ae03d37c6/sed_cli/keymanager/keymanager_vault.py#L94Secure Code Warrior Training Material
● Training ▪ [Secure Code Warrior Hardcoded Password/Credentials Training](https://portal.securecodewarrior.com/?utm_source=partner-integration:mend&partner_id=mend#/contextual-microlearning/web/infoexposure/sensitiveinfo/python/vanilla) ● Videos ▪ [Secure Code Warrior Hardcoded Password/Credentials Video](https://media.securecodewarrior.com/v2/module_57_sensitive_data_exposure.mp4) ● Further Reading ▪ [OWASP Top Ten 2017 A3: Sensitive Data Exposure](https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure) ▪ [OWASP Top Ten Proactive Controls 2018 C8: Protect Data Everywhere](https://owasp.org/www-project-proactive-controls/v3/en/c8-protect-data-everywhere) ▪ [OWASP Top Ten 2021 A02: Cryptographic Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures/)