The Less Understood Dangers of Secret Sprawl and What Devs Can Do to Fight Itby@jean-GG
228 reads

The Less Understood Dangers of Secret Sprawl and What Devs Can Do to Fight It

by Jean Dubrulle | GitGuardian4mJune 11th, 2020
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

When developers refer to secret sprawl they are typically referring to the unwanted distribution of secrets across multiple platforms, services and machines. Having secrets on multiple services, email, Slack, git etc increases what is referred to as the 'attackable area’. This increases the amount of systems that could be exploited to find secrets. It only takes one compromised developer's git account, one compromised email or one compromised computer for an attacker to suddenly gain access to a trove of highly sensitive secrets. This is why developers and organizations alike often store secrets in unsecure locations.

Companies Mentioned

Mention Thumbnail
Mention Thumbnail
featured image - The Less Understood Dangers of Secret Sprawl and What Devs Can Do to Fight It
Jean Dubrulle | GitGuardian HackerNoon profile picture
Jean Dubrulle | GitGuardian

Jean Dubrulle | GitGuardian

@jean-GG

Share Your Thoughts

About Author

Jean Dubrulle | GitGuardian HackerNoon profile picture
Jean Dubrulle | GitGuardian@jean-GG

TOPICS

THIS ARTICLE WAS FEATURED IN...

Permanent on Arweave
Read on Terminal Reader
Read this story in a terminal
 Terminal
Read this story w/o Javascript
Read this story w/o Javascript
 Lite
L O A D I N G
. . . comments & more!