


Security researchers have found millions of hard-coded secrets, in plain text, across both public and private code repositories.
These include credentials, API keys, AI tokens and MCP configuration files.
And AI is making the problem worse, with AI-assisted commits adding to this "secrets sprawl".
Unless developers control how they manage secrets in their code, we are leaving the door open to malicious actors. And the growth of non-human identities (NHIs) only makes it worse.
Our guest is Dwayne McDaniel, principal developer advocate at GitGuardian, which recently published their research into secrets sprawl.
By securityinsights
