Findings
Generator
Configuration
Lucidum Reverse
Architecture
Statistics
← All Findings
Vendor:
Wiz
FIN-730
Weight:
5
4
3
2
1
Confidence:
High
Medium
Low
Not Verified
What It Detects
A Wiz-monitored asset has secrets or credentials stored in plaintext environment variables. This is a critical security risk because environment variables are often logged, exposed in error messages, accessible via process inspection, and included in container metadata. Attackers who gain any level of access to the asset can trivially extract these credentials.
MITRE ATT&CK Techniques
Comma-separated, e.g. T1078, T1190
Checks
read-only
Field
Operator
Value
Connectors
match
Wiz
Extra Data
and
[{'key': 'Key', 'value': 'wiz.no_env_var_secret', 'operator': 'match'}, {'key': 'Value', 'value': 0, 'operator': 'match'}]
Remediation
×
×
×
×
+ Add item
Why It Matters
×
×
×
+ Add item
Save Changes
Export Lucidum