How to find them and eliminate them from your code
Fixing the value of a key or password in source code or configuration files is one of the most pervasive and easy-to-exploit errors in cryptography. Of 916 cryptography-related CVEs in 2018, 124 were hardcoded credential issues, more than 13%. Hardcoded credentials have been implicated in many high-profile breaches, for example at Uber and Solarwinds.
In this video Graham explains how serious this problem is and how you can find and eliminate any hard-coded keys lurking inside your application code.
In this webinar, Dr Graham steel takes a fresh look at the hardcoded key problem, working through some real case studies, and identifying strategies that are effective in eliminating them at scale.