Episode 36 — Code Weaknesses: Hardcoded Secrets and Unsafe Exception Handling (2.4)
This episode explains two code-level weaknesses that frequently create preventable security problems: hardcoded secrets and unsafe exception handling. Hardcoded passwords, API keys, tokens, certificates, and database credentials are dangerous because they may be exposed through repositories, logs, backups, shared scripts, compiled applications, or insider access. Unsafe exception handling can reveal stack traces, file paths, database errors, usernames, internal architecture details, or other clues useful to attackers. For the Security+ exam, students should connect these weaknesses to secure coding practices, secrets management, environment variables, vaults, code scanning, error handling standards, and careful logging that supports troubleshooting without exposing sensitive information. Produced by BareMetalCyber.com, where you’ll find more cyber audio courses, books, and information to strengthen your educational path. Also, if you want to stay up to date with the latest news, visit DailyCyber.News for a newsletter you can use, and a daily podcast you can commute with. And dont forget Cyberauthor.me for the companion study guide and flash cards!
