.png)
GitGuardian Internal Repository Monitoring helps prevent secret sprawl
Prevent secrets sprawl.
.png)
BitBucket Server, formerly known as Stash, is an Atlassian distributed Version Control System that can be deployed on-premise and can be offered for free to open source projects. Favored by many DevOps teams, BitBucket Server provides integrations with the rest of Atlassian products.
However, running security audits at the end of the software development life cycle is a huge amount of work for security teams.
Modern organizations, therefore, decide to shift left so that development, operations, and security teams can scan and test their code in BitBucket server at each step of the development process, reducing the vulnerability surface.
Applications are more and more modular and secrets are used to programmatically link components. API keys and other credentials give access to multiple systems including cloud infrastructure, databases, payment systems. Exposing these secrets is like leaving your keys on your front door.
This problem is so critical that it even has a name : “secret sprawl”. Secrets are hardcoded in configuration files or source code, they are shared over slack or email.
This exposure allows malicious actors to move laterally and become persistent. Secrets are becoming far too accessible internally but also externally.
Development teams are growing and they have to use more and more technologies while release cycles are becoming shorter . All conditions are gathered for more human errors. Code scanning in Bitbucket for security vulnerabilities is the best way to find those mistakes.
Integrate natively with Bitbucket or use our API to integrate GitGuardian into your CI pipeline.
Scan your existing Bitbucket repositories for secrets left in your git history.
Integrate GitGuardian to your ticketing
and notification systems.
State of Secrets Sprawl on GitHub - 2021
The 2021 State of Secrets Sprawl report measures the problem of Secrets Sprawl on public GitHub by scanning every public commit made in the previous year for secrets.
The threat of leaked secrets in git repositories - A discussion between security experts
Secrets including API tokens, passwords and credentials are the keys to the kingdom. Yet storing secrets inside git including GitHub & GitLab is a problem.
Assessing model performance in secrets detection: accuracy, precision & recall explained
Why precision and recall are such important metrics to consider when evaluating the performance of classification algorithms such as secrets detection.
GitGuardian is the code security platform for the DevOps generation.
With automated secrets detection and remediation, our platform enables Dev, Sec, and Ops to advance together towards the Secure Software Development Lifecycle.
Subscribe to our newsletter to receive the latest content and updates from GitGuardian.
