Cloud Security Podcast
Have I lost my Secrets?
Nov 6, 2023
Ziad Ghalleb, Founder of GitGuardian, talks about their free tool 'HasMySecretLeaked' to check if your secret was exposed on GitHub. They discuss the perception of secrets and security among developers, the importance of addressing leaked secrets, and the need to avoid repeating mistakes. The podcast also explores challenges with shadow code and personal emails on GitHub and highlights resources for increasing awareness and ensuring secret security.
29:00
Episode guests
AI Summary
AI Chapters
Episode notes
Podcast summary created with Snipd AI
Quick takeaways
- Expand secret management programs beyond AWS and consider the range of services and platforms in use.
- Utilize the Has My Secret Leaked tool by GitGuardian to check if secrets have been exposed on GitHub.
Deep dives
The Importance of Secret Management Programs
In this podcast episode, the speaker highlights the significance of secret management programs, particularly in relation to cloud-based environments. They emphasize the need to expand existing secret management programs beyond just AWS secrets and consider the range of services and platforms in use. The speaker suggests that a discovery phase is essential to identify the architecture and types of services utilized. They stress the importance of going back to first principles and threat modeling to ensure comprehensive coverage. By focusing on observability, continuous monitoring, and an outcome-based approach, organizations can aim for minimal secret leaks and a zero-heartcoded secrets policy.
Remember Everything You Learn from Podcasts
Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
