C-006 - Credential & Secrets Management
Objective
Prevent credential leakage and misuse through secure storage and handling of secrets.
Type
Preventive
Scope
- All services
- Administrative credentials
- API tokens
Implementation
- Use of secure vault
- Unique credentials per service
- Controlled access to secrets
Related Risks
Validation
- Review of credential storage practices
- Verification of credential uniqueness
Status
Active
Owner
Sec