Our great sponsors
-
wrongsecrets
Discontinued Vulnerable app with examples showing how to not use secrets [Moved to: https://github.com/OWASP/wrongsecrets] (by commjoen)
OWASP SAMM on secret management Secure deployment Exercises/examples on how(not) to use secrets Canarytokens Have I been pwned? Gitleaks, Trufflehog
-
OWASP SAMM on secret management Secure deployment Exercises/examples on how(not) to use secrets Canarytokens Have I been pwned? Gitleaks, Trufflehog
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
OWASP SAMM on secret management Secure deployment Exercises/examples on how(not) to use secrets Canarytokens Have I been pwned? Gitleaks, Trufflehog
-
Some data breach stories involve an external entity informing an organization that it might have been breached. This doesn’t have to be the case. Like canaries in coal mines were used to warn of gas, you can put canary tokens, users, or access keys in various places. The moment these are accessed or used, they alert you of possible mischief, giving you an early warning (which might be your only one). One service that you could get started with is canarytokens.org.
Related posts
- Ask HN: What are the best automated tools for keeping credentials out of GitHub?
- Nosey Parker: a new scanner to find misplaced secrets in textual data and Git history
- Thinking Like a Hacker: AWS Keys in Private Repos
- Toyota Accidently Exposed a Secret Key Publicly on GitHub for Five Years
- Searching GITHUB