Episode 11 of The Developer Tools Podcast. Lucas and Luna dig into a persistent security problem: API keys and secrets accidentally committed to public and private Git repositories. They unpack a real 2024-2025 GitHub data leak study, explain how automated scanners find exposed credentials within minutes, and compare secret-scanning tools like GitGuardian, TruffleHog, and GitHub's built-in push protection. The hosts walk through why developers still leak secrets despite awareness campaigns, the role of pre-commit hooks and environment variables, and what a practical remediation workflow looks like. No panic, no FUD — just a grounded conversation about a boring, expensive vulnerability that every engineering team should have a plan for. If you build software or manage developers, this episode gives you one concrete thing to check on Monday morning.

#API #Security #Git #SecretsManagement #DevTools #GitGuardian #TruffleHog #PreCommitHooks #DevSecOps #DataBreach #Automation #SoftwareEngineering #Infrastructure #BusinessAndTechnology #FexingoBusiness #BusinessPodcast #DeveloperTools #CyberSecurity

Keep every episode free: buymeacoffee.com/fexingo