Git those passwords out your repos! - detecting leaked secrets at scale

  • Why having secrets, passwords and certificates in your codebase is a bad idea (even if they’re private!)
    • How can we detect these secrets and how should we handle the secrets we find?
    • Our lessons learnt managing detection at scale and how to implement automatic checks



Daniel Oates-Lee

Daniel Oates Lee is one of the cofounders of Punk Security, an innovative security company delivering managed DevSecOps. He has over 24 years of commercial IT experience, with 17 years focused on