How is the protection of credentials from misuse carried out?
The credentials of the appliance users themselves are stored in the internal database as a random hexadecimal string + SHA256 hash of the hexadecimal string and password.
The credentials used for authentication at target hosts are stored in the internal database together with other sensitive information as a concatenated string that is encrypted using GnuPG. The key used for this is a 2048 bit RSA key.
The volumes of the appliance are encrypted as well using AES256.