Defense in Depth

Managing Data Leaks Outside Your Perimeter

Apr 18, 2024

Developer advocate Mackenzie Jackson discusses managing data leaks outside your perimeter, addressing the challenges of third-party leaks, the need for security-conscious culture in software development, securely managing secrets and credentials, proactive measures like scanning code repositories for leaks, and safeguarding keys with tools like Gigi Shield and hasmysecretleaked.

29:56

Creator website

Episode guests

Mackenzie Jackson

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Protecting data from third-party leaks requires cultural shifts and user-friendly tools.

Effective secrets management includes regular rotation, dynamic secrets, and multi-layered defense strategies.

Deep dives

Addressing Data Leaks from Third Parties

Protecting data within your organization is essential, but data leaks from third parties pose a significant challenge. Such leaks often involve organizational secrets and lead to data being repackaged and sold, creating a data leak life cycle. Reports suggest that one in ten developers inadvertently leak secrets. Admitting to this issue and integrating solutions into the development pipeline are crucial steps in addressing these challenges.

Introduction

2min

Addressing Data Leak Risks in Software Development

2min

Strengthening Developer Security Culture

7min

Importance of Securely Managing Secrets and Credentials

5min

Safeguarding Credentials and Secrets in Software Development

9min

Importance of Securing Keys and Managing Secrets

4min

All links and images for this episode can be found on CISO Series.

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining me is our sponsored guest, Mackenzie Jackson, developer advocate, GitGuardian.

In this episode:

How to manage data leaks outside your perimeter?
When data leaks increasingly come from third-parties, what can you do to protect your organization?
How do we even begin to address this problem?
Is there a one size fits all fix?

Thanks to our podcast sponsor, GitGuardian

GitGuardian is a Code Security Platform that caters to the needs of the DevOps generation. It provides a wide range of code security solutions, including Secrets Detection, Infra as Code Security, and Honeytoken, all in one place. A leader in the market of secrets detection and remediation, its solutions are already used by hundreds of thousands of developers in all industries. Try now gitguardian.com

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Defense in Depth

Managing Data Leaks Outside Your Perimeter

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Addressing Data Leaks from Third Parties

Cultural and Human-Centric Approach to Data Protection

Strategies for Effective Secrets Management

Remember Everything You Learn from Podcasts