all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Plugging secrets leaks requires holistic software and technology stack protection

Add to bookmarks
March 13, 2023, 1:30 p.m. | matthew.rose@reversinglabs.com (Matt Rose)

ReversingLabs Blog blog.reversinglabs.com




Secrets leaks have become a disturbing trend on GitHub, and may pose a serious risk to your organization's software supply chain. Developers are leaving secrets such as login credentials, API keys, SSH keys, encryption keys, and database passwords exposed in their code and comments. Unfortunately, those secrets are an integral part of any application — and a prime target for threat actors to discover when stored in code repositories.

api api keys application code code repositories comments credentials database developers discover encryption encryption keys exposed github keys leaks login login credentials may organization passwords prime protection repositories risk secrets secrets security serious software software supply chain software supply chain security ssh ssh keys supply supply chain target technology threat threat actors trend

Visit resource

More from blog.reversinglabs.com / ReversingLabs Blog

NSA's zero-trust maturity for AppSec: What you need to know 2 days, 16 hours ago | blog.reversinglabs.com
agency application appsec appsec & supply chain security +17
Security operations by the numbers: 30 cybersecurity stats that matter 3 days, 19 hours ago | blog.reversinglabs.com
cybersecurity defenses enterprise enterprise it +17
The state of AppSec: Are we getting better — or falling behind? 4 days, 20 hours ago | blog.reversinglabs.com
application application security appsec appsec & supply chain security +7
Why shareable SBOMs are essential for software security 1 week, 3 days ago | blog.reversinglabs.com
appsec & supply chain security bills building collecting +21
Will CISA's Secure by Design pledge be a catalyst for better software security? 1 week, 4 days ago | blog.reversinglabs.com
adoption agency akamai amazon +17
When it comes to threat modeling, not all threats are created equal 2 weeks, 2 days ago | blog.reversinglabs.com
appsec & supply chain security can career fix +4
CISA's new 'vulnrichment' program aims to bolster the NVD 2 weeks, 3 days ago | blog.reversinglabs.com
agency appsec & supply chain security bolster cisa +17
ReversingLabs Search Extension for Splunk Enterprise 2 weeks, 4 days ago | blog.reversinglabs.com
apis application blog command +13
What you missed at RSA Conference 2024: Key trends and takeaways 2 weeks, 4 days ago | blog.reversinglabs.com
america appsec & supply chain security artificial intelligence (ai) center +20

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)
View on infosec-jobs.com