Git those passwords out your repos! - detecting leaked secrets at scale

  • Why having secrets, passwords and certificates in your codebase is a bad idea (even if they"re private!) * How can we detect these secrets and how should we handle the secrets we find? * Our lessons learnt managing detection at scale and how to implement automatic checks



Simon Gurney

Simon is one of the Punk Security Co-Founders and a DevSecOps consultant, helping clients integrate security into their application and infrastructure automation. He has over 15 years experience ...