add stored secrets

Author: wurstbrot

data/TestandVerification.yml

@@ -612,4 +612,16 @@ Static depth for infrastructure:
      - <a href="https://github.com/aquasecurity/kube-bench">kube-bench</a>
     samm: EH2-B
     samm2: v-security-testing|A|1
+  Stored Secrets:
+    risk: Stored secrets in git history or directly in code shouldn't exists because they might be read unauthorized.
+    measure: Test for secrets in code and history
+    difficultyOfImplementation:
+      knowledge: 2
+      time: 1
+      resources: 2
+    usefulness: 2
+    level: 2
+    implementation:
+      - <a href="https://github.com/dxa4481/truffleHog">truffleHog</a>
+    samm2: v-security-testing|A|1  
 ...