This mitigation describes any guidance or training given to developers of applications to avoid introducing security weaknesses that an adversary may be able to take advantage of.
Domain | ID | Name | Use | |
---|---|---|---|---|
ICS | T0859 | Valid Accounts |
Ensure that applications and devices do not store sensitive data or credentials insecurely (e.g., plaintext credentials in code, published credentials in repositories, or credentials in public cloud storage). [1] |