Secrets detection Implementing a detector at GitGuardian : a use case with MongoDB credentials Pierre Lalanne ISAE-Supaéro aeronautics engineering graduate specializing in data science Data Scientist | GitGuardian | Team SecretsIn previous blog posts we saw the subtleties of recall and precision when detecting secrets in
Secrets detection State of Secrets Sprawl on GitHub - 2021 GitGuardian has been scanning every single public commit made on GitHub for secrets since 2017, now we are releasing our findings in the most comprehensive study on secrets sprawl ever conducted.
Secrets detection Building reliable secrets detection - Secrets in source code (episode 3/3) In our last two posts, we took a deep dive into how secrets sprawl and why secrets inside git are such a problem. Both of those articles brought up automated
Secrets detection The threat of leaked secrets in git repositories - A discussion between security experts Secrets including API tokens, passwords and credentials are the keys to the kingdom. Yet storing secrets inside git including GitHub & GitLab is a problem. Security experts discuss why this is & how to solve this.
Secrets detection Building internal secrets detection solutions: a case study about how SAP scans git repos for secrets This article looks at how SAP built an internal secrets scanning solution to detect API keys and other credentials hardcoded in git repos and revoke them.
Secrets detection Why secrets in git are such a problem - Secrets in source code (episode 2/3) Despite secrets like API keys, OAuth tokens, certificates and passwords being extremely sensitive, it is common for these to leak into git repositories through source code. This article looks at why this is true and how we can prevent it.
Secrets detection Mitigate Growing Application Security Risks with Automated Secrets Detection Credential theft is already a well-known adversary technique but the risk expands much wider when introducing secrets such as API keys. This article looks at automated secrets detection, the challenges, and potential solutions.
Secrets detection Secret sprawl and the attack surface - Secrets in source code (episode 1/3) The first in a series of articles that will take a deep dive into secrets within source code: In this article, we will look at the concept of secret sprawl, the unwanted distribution of secrets through multiple systems, and how we can prevent it.
Secrets detection GitHub security: what does it take to protect your company from credentials leaking on GitHub? An in depth guide intended for CISOs, application security and other security professionals who want to protect their organizations from credentials leaked on GitHub.
Secrets detection Assessing model performance in secrets detection: accuracy, precision & recall explained Why precision and recall are such important metrics to consider when evaluating the performance of classification algorithms such as secrets detection.
Secrets detection 18 months scanning GitHub for sensitive data November 2018: Here is what we've learned, achieved, and what's coming next.