What happens after leaking an API key on GitHub? Experiment leaking AWS API key into GitHub

Thousands of secrets like API keys are leaked into public GitHub repositories every day. But what actually happens when these secrets are leaked?

This video has an easy-to-recreate experiment which monitors malicious activity after leaking an AWS credential into a public GitHub repository.

Links:
Canary Tokens - https://canarytokens.org
GGShield - https://github.com/GitGuardian/ggshield
API Best Practices - https://blog.gitguardian.com/secrets-api-management/

Timeline:
0:00 - Intro
0:52 - Generating a canary token
3:02 - Leaking the credential
3:40 - Results 5 minutes after leak
5:04 - Results 15 minutes after leak
5:45 - Results 1 hour after leak
6:12 - Results 24 hours after leak
6:50 - GitGuardian alerting
7:21 - Preventing leaked secrets and credentials

Video Transcript