.png)
GitGuardian Internal Repository Monitoring helps prevent secret sprawl
GitGuardian Internal Repository Monitoring helps prevent secret sprawl
.png)
Currently the largest host of source code in the world, GitHub has been adopted by many companies for software development and version control using the git protocol.
However, running security audits at the end of the software development life cycle is a huge amount of work for security teams.
Modern organizations, therefore, decide to shift left so that development, operations, and security teams can scan and test their code in GitHub at each step of the development process, reducing the vulnerability surface.
Applications are becoming increasingly modular and secrets are necessary to link all these components. API keys or database credentials give access to multiple systems including cloud infrastructure, databases, payment systems. Having critical secrets in your code base is like leaving your keys on your front door.
This problem has a name: “secret sprawl”. Secrets can be hardcoded in configuration files or source code to save time for tests, they can be shared to colleagues for simplicity’s sake. Malicious actors can exploit this to move laterally and become persistent in the systems. Secrets are becoming more accessible internally, but also externally.
Human error can happen. But when teams are under pressure, it is all the more likely. With more to be done and less time to do it, developers can leak secrets by mistake. Running an analysis that scans the source code for security vulnerabilities can identify these mistakes.
Integrate natively with GitHub or use our API to integrate GitGuardian into your CI pipeline.
Scan your existing GitHub repositories for secrets left in your git history.
Integrate with most common ticketing
and notification systems.
State of Secrets Sprawl on GitHub - 2021
The 2021 State of Secrets Sprawl report measures the problem of Secrets Sprawl on public GitHub by scanning every public commit made in the previous year for secrets.
The threat of leaked secrets in git repositories - A discussion between security experts
Secrets including API tokens, passwords and credentials are the keys to the kingdom. Yet storing secrets inside git including GitHub & GitLab is a problem.
Assessing model performance in secrets detection: accuracy, precision & recall explained
Why precision and recall are such important metrics to consider when evaluating the performance of classification algorithms such as secrets detection.
GitGuardian is the code security platform for the DevOps generation.
With automated secrets detection and remediation, our platform enables Dev, Sec, and Ops to advance together towards the Secure Software Development Lifecycle.
Subscribe to our newsletter to receive the latest content and updates from GitGuardian.
