Session: Exposed credentials - How attackers find and exploit secrets in source code
GitHub is the largest platform for open-source code: more than 80 million developers are active on the platform, and tens of millions of public repositories are created every single year. But public code distribution on this scale brings with it a serious security threat: the unwanted exposure of API keys, credentials, and other secrets, a problem known as Secrets Sprawl.
These secrets are the crown jewels of our applications and, if leaked, can grant attackers access to our application's core infrastructure and data. This includes access to databases, cloud infrastructure, and third-party services. The scale of the problem is exposed clearly in the yearly report released by GitGuardian, titled “The State of Secrets Sprawl”. The report uncovered millions of secrets exposed in PUBLIC git repositories on GitHub.
This presentation covers the 2023 State of Secrets Sprawl report. This new report shows that the total number of secrets being leaked publicly has increased since 2021, and it goes into detail about the types of secrets being leaked and the core contributing factors for leaked secrets.
The presentation will also explore:
Recent high-profile security breaches and how attackers found and exploited secrets
What happens when you leak secrets publicly
How developers can securely store and share their secrets
What to do if you do accidentally leak secrets
Bio
Carole is the CMO of GitGuardian, the code security platform for the DevOps generation. She has spent her entire career in the software industry and has in-depth expertise in B2B enterprise marketing and developer marketing. From a large group to start-ups, she has built effective marketing strategies, managing teams in Europe and in the US. She also likes to share her experience and advise on best practices, and is a member of local and international CMO groups.