Cloud Security Podcast - we are continuing with our "Kubernetes Security & KubeCon EU 2023" and for the fourth episode in this series Mackenzie Jackson from GitGuardian. Mackenzie Jackson from GitGuardian was part of a report that found 10 Million secrets stored across the entire Github space on the internet. In this interview we go into how secrets have evolved from just being username/password to API Tokens, AWS Access Keys and whole lot more.
Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv
FREE CLOUD BOOTCAMPs on www.cloudsecuritybootcamp.com
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Socials: Shane Lawrence (Shane's Linkedin) and Daniele Santos (Dani's Linkedin)
Podcast Twitter - @CloudSecPod @CloudSecureNews
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security News
- Cloud Security BootCamp
Spotify TimeStamp for Interview Questions
(00:00) Introduction
(03:42) A bit about Mackenzie Jackson
(04:16) What are secrets?
(05:28) How are we dealing with secrets?
(07:35) Mackezie talks about GitGuardian's Secret Sprawl Report
(11:43) Managing history in Github
(12:37) Mackenzie talks about ggcanary
(14:09) Common types of secrets found in scans
(15:42) Responsibility of Github and CSP providers
(17:12) Are people ready to respond to honey token alarms?
(20:33) Breaches causes by leaked secrets
(23:34) Fun facts found in Secrets Sprawl Report
(24:25) Secret sprawl is going to happen
(25:09) Where do people start?
(26:06) Implementing Git Hook as a security measure
(28:08) How to get people to care about secrets
(30:06) Where can people learn about secrets protection?
(31:25) Where you can reach Mackenzie for more questions on secrets?
See you at the next episode!