Application Developer Guidance

This mitigation describes any guidance or training given to developers of applications to avoid introducing security weaknesses that an adversary may be able to take advantage of.

ID: M0913
Security Controls: NIST SP 800-53 Rev. 4 - AT-3, NIST SP 800-53 Rev. 4 - AT-3
Version: 1.0
Created: 25 October 2017
Last Modified: 19 September 2023

Techniques Addressed by Mitigation

Domain ID Name Use
ICS T0859 Valid Accounts

Ensure that applications and devices do not store sensitive data or credentials insecurely (e.g., plaintext credentials in code, published credentials in repositories, or credentials in public cloud storage). [1]

References