Tag: Secrets

The Scanner We Really Need

Don Macvittie | May 25, 2022 | automating security, scanning, Secrets, secrets management

IT has scanners for everything. And by everything, I mean everything. We scan source code for vulnerabilities and data leaks. We scan apps for vulnerabilities. We scan the network for holes. We ...

secrets Libbpf BCC BPF kernel developer citizen secure software

Managing Hardcoded Secrets to Shrink Your Attack Surface

John Morton | May 20, 2022 | devsecops, Secrets, secrets management, secure coding

The practice of hardcoding secrets—such as authentication credentials, passwords, API tokens and SSH Keys—as non-encrypted plain text into source code or scripts has been common in software development for many years. It ...

It is Time to Secure Git

Don Macvittie | February 2, 2022 | GIT, Git Security, gitops, GitOps framework, Secrets

At this point, we’ve got a ton of experience with the bits of Git that we use. And locking down Git is well-documented. Okay, it is documented; we can say that, at ...

DevOps Teams Struggling to Keep Secrets

Nathan Eddy | November 23, 2021 | CI/CD, devsecops, Secrets, secrets management, secure coding

A growing number of organizations are suffering security incidents related to exposed secrets in DevOps CI/CD pipelines, according to a recent ThycoticCentrify report. The study paints a troubling picture: Only 5% of ...

Don’t Look at This! IT’S A SECRET!

Don Macvittie | July 20, 2021 | API Keys, automation, AWS, Git Guardian, github, Secrets

To continue the discussion about secrets after perusing this excellent report by GitGuardian—last time I went a little nuts about the number of secrets exposed in IT folks' personal repositories. And it ...