Mackenzie Jackson

Secrets in source code (episode 1/3) - Secret sprawl and the attack surface

The first in a series of articles that will take a deep dive into secrets within source code: In this article, we will look at the concept of secret sprawl, the unwanted distribution of secrets through multiple systems, and how we can prevent it.

DevSecOps Glossary

A helpful glossary of common terms and definitions used in DevSecOps explained with amusing comics. We are constantly adding comics and terms so if you have an idea, please be sure to email

How to scan local files for secrets in python using the GitGuardian API

How to scan local files for secrets like API keys and security certificates in python using the GitGuardian API.

cheat sheets

Best practices for managing and storing secrets including API keys and other credentials [2020]

Storing and managing secrets like API keys and other credentials can be challenging, even the most careful policies can sometimes be circumvented in exchange for convenience. We have compiled a list of some

Cyber Security Tools

8 free security tools every developer should know and use to Shift Left

A list of 8 free must use security tools every developer should know about to help them secure their code and Shift Left.

secrets detection

Assessing model performance in secrets detection: accuracy, precision & recall explained

Why precision and recall are such important metrics to consider when evaluating the performance of classification algorithms such as secrets detection.

8 steps to keep remote development teams secure

There is no doubt that the world's workforce is becoming more remote, particularly in tech as developers can now work from any location in the world. But there are a large number of

Exposing secrets on GitHub: What to do after leaking credentials and API keys

If you have discovered that you have just exposed a sensitive file or secrets to a public git repository, there are some very important steps to follow.