Secrets Exposed: The why, the how – and what to do about – secrets security in software

Secrets Exposed: The why, the how – and what to do about – secrets security in software

For software development teams to maintain and properly set up development environments and pipelines, they need to use software secrets such as environment variables, tokens and keys in these processes ...
Secrets Exposed: How to mitigate risk from secrets leaks — and prevent future breaches

Secrets Exposed: How to mitigate risk from secrets leaks — and prevent future breaches

Leaks and exposures of sensitive information in open source and proprietary code repositories are approaching epidemic proportions. Hardly a week goes by without reports of attacks on firms that leverage credentials, tokens ...
Introducing New Secrets Management Capabilities For Mitigating Software Supply Chain Risk

Introducing New Secrets Management Capabilities For Mitigating Software Supply Chain Risk

Businesses are vulnerable to software supply chain breaches when software releases leak secrets such as authentication credentials, hardcoded passwords, API tokens, and encryption keys. Look no further than the CircleCI, Toyota and ...
Plugging secrets leaks requires holistic software and technology stack protection

Plugging secrets leaks requires holistic software and technology stack protection

Secrets leaks have become a disturbing trend on GitHub, and may pose a serious risk to your organization's software supply chain. Developers are leaving secrets such as login credentials, API keys, SSH ...
Lessons learned from the CircleCI secrets breach

Lessons learned from the CircleCI secrets breach

Software supply chain security has become a top priority for organizations, but new threats continue to surface that security teams need to be aware of. A harsh reality hit the industry this ...
Secrets Exposed: Why modern development, open source repositories spill secrets en masse

Secrets Exposed: Why modern development, open source repositories spill secrets en masse

For software development teams, the warning just after the New Year from DevOps platform vendor CircleCI to immediately rotate any secrets they had stored on the company’s continuous integration platform was worse ...