Young hacker smiling

We hack your software

zero false positives

Expert intelligence + effective automation

REQ.156 Source code without sensitive information

This documents contains the details of the security requirements related to source code security in the applications. This requirement establishes the importance of developing source code without sensitive information in order to avoid security breaches in the application.

Requirement

Source code must not contain sensitive information.

References

  1. OWASP-ASVS v3.1-1.10 Security is addressed within all parts of the software development lifecycle.

  2. OWASP-ASVS v3.1-2.29 Verify that secrets, API keys, and passwords are not included in the source code, or online source code repositories.


Service status - Terms of Use