Sensitive Data Exposure
mediumsensitive-data-exposure
Sensitive data exposed through improper storage, transmission, or access controls
Information Disclosure
MITRE ATT&CK techniques
| ID | Name | Tactic |
|---|---|---|
| T1552 | Unsecured Credentials | Credential Access |
| T1530 | Data from Cloud Storage Object | Collection |
Common Weakness Enumeration
Mitigating controls
ctrl-sensitive-1- Encrypt sensitive data at rest and in transit
ctrl-sensitive-2- Implement proper access controls
ctrl-sensitive-3- Use secrets management solutions
ctrl-sensitive-4- Mask sensitive data in logs and outputs
ctrl-sensitive-5- Implement data classification and handling policies