This bingo card has a free space and 24 words: Hardcoded credentials in source code, Public S3 bucket with sensitive data, Disabled MFA on an admin account, API key exposed in a public repository, Outdated dependency with known CVEs, Unpatched critical vulnerability in production, Default passwords still in use, SQL query without parameterized inputs, Logging sensitive data in plaintext, No input validation on user input, “It works on my machine” response to security concerns, Unencrypted database storage for PII, Missing security headers (CSP, HSTS, etc.), Using eval() in production code, Lack of RBAC (everyone is an admin), Open source library without a security review, Developers sharing passwords via Slack/email, No security testing in CI/CD pipeline, Ignoring security warnings in dependency scans, Merging code with critical security issues, "We don’t have time for security" excuse, Exposing sensitive environment variables in logs, Lack of rate limiting on APIs and No logging or monitoring for security events.
Cybersecurity Bingo | Securtiy bingo | IEP BINGO | Salesforce Development Practices Bingo | Bingoh-no
Share this URL with your players:
For more control of your online game, create a clone of this card first.
Learn how to conduct a bingo game.
With players vying for a you'll have to call about __ items before someone wins. There's a __% chance that a lucky player would win after calling __ items.
Tip: If you want your game to last longer (on average), add more unique words/images to it.
