This app started as a bad example app for a talk for AllDayDevops in 2020, "DevSecOps — Our Secret Management Journey from Code to Vault". How an organisation handles its secrets reflects its security maturity, yet secrets management is not a "sexy" topic even within security. Many security breaches have their roots in improper management of secrets. It turns out people do want some more guidance on it!
Hence, we reworked the code base of this project and filed for it to become an OWASP project. Our goal is to educate people about secrets management and its pitfalls while they have a good time learning!
We hope you can better assess and implement proper secrets management after going through the challenges and explanations in our app. Have fun, and remember to star us on GitHub!
If you like WrongSecrets and its mission, please consider supporting OWASP in our name!
Copyright (c) 2020-2023 Jeroen Willemsen and WrongSecrets contributors.
Licensed under AGPLv3