Hard-Coded Keys

How to find them and eliminate them from your code

Fixing the value of a key or password in source code or configuration files is one of the most pervasive and easy-to-exploit errors in cryptography. Of 916 cryptography-related CVEs in 2018, 124 were hardcoded credential issues, more than 13%. Hardcoded credentials have been implicated in many high-profile breaches, for example at Uber and Solarwinds.

The "Hard-Coded Key Problem"

In this video Graham explains how serious this problem is and how you can find and eliminate any hard-coded keys lurking inside your application code.

Hard-Coded Keys Webinar

In this webinar, Dr Graham steel takes a fresh look at the hardcoded key problem, working through some real case studies, and identifying strategies that are effective in eliminating them at scale.

watch the webinar