AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
Credential Digger is an SAP Open-Source code scanner for detecting hardcoded secrets. In this episode, Slim Trabelsi discusses with host Karsten Hohage what led to the creation of Credential Digger and about its key differentiators. Slim also speaks of the early challenges of scanning for secrets, and lists the many advantages of using open source for building and maintaining Credential Digger. Open source comes with visibility for customers, and contributors can work on a project even before they join the team or after they leave, leading to improved continuity and a better tool overall.
Guests:
Slim Trabelsi joined SAP 15 years ago and currently works as a senior security expert in the SAP Security Research team. His background includes data privacy, data protection, and social media security. He is currently focusing his research activities on cyber security, threat intelligence, and surveillance. Slim recently developed an open-source tool called Credential Digger, which is used to identify hardcoded secrets in source code repositories like GitHub.
- Twitter: https://twitter.com/slim_security
- LinkedIn: https://www.linkedin.com/in/slim-trabelsi-94534a83/
- GitHub: https://github.com/SlimTrabelsi
- SAP People: https://people.sap.com/slim.trabelsi
Show Notes:
- Links
- https://github.com/SAP/credential-digger
- https://github.com/SAP/vs-code-extension-for-project-credential-digger
- Credential Digger: Using Machine Learning to Identify Hardcoded Credentials in Github – blog post
- SAP Security Research
- https://huggingface.co/SAPOSS/password-model
- NIST – Source Code Security Analyzers
- SAP Open Source Program Office
- Additional Downloads:
Hosted by Karsten Hohage – Product Expert in Technology and Innovation (T&I)
LinkedIn: https://www.linkedin.com/in/karsten-hohage-0180312/
The post Credential Digger – detecting leaked secrets on GitHub first appeared on The Open Source Way.
Get the Snipd
podcast app
Unlock the knowledge in podcasts with the podcast player of the future.
AI-powered
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode
Save any
moment
Hear something you like? Tap your headphones to save it with AI-generated key takeaways
Share
& Export
Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more
AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode