Too Long; Didn't Read
When developers refer to secret sprawl they are typically referring to the unwanted distribution of secrets across multiple platforms, services and machines. Having secrets on multiple services, email, Slack, git etc increases what is referred to as the 'attackable area’. This increases the amount of systems that could be exploited to find secrets. It only takes one compromised developer's git account, one compromised email or one compromised computer for an attacker to suddenly gain access to a trove of highly sensitive secrets. This is why developers and organizations alike often store secrets in unsecure locations.
Share Your Thoughts