How many android applications on the play store are leaking their credentials and secrets! The answer comes from independent research conducted by Cybernews which shows nearly half of all applications on the Play Store are leaking secrets. Vincentas Baubonis, a security researcher from CyberNews joined GitGuardian on a Webinar to detail some research they conducted exploring how android applications are leaking secrets.

GitGuardian’s real-time monitoring allows alerts to be sent immediately when an incident is detected. This high-level overview walks you through setting up, configuring, and testing alert integrations.

Take a tour of how developers commonly use ggshield, the free and open source GitGuardian CLI to find hardcoded secrets. We will also see how developers participate in the remediation process. In this video demo, see: Learn more at docs.gitguardian.com

learn how to create AWS Honey Tokens that alert you when someone attempts to use them. Honey tokens are API or access keys that are real but harmless and can be used as an early warning system to know when an intruder has made it into your system. In this video, we run through the simple steps to be able. to create your very own AWS Honey Tokens using an open-source project and all your own infrastructure.

Software has eaten the world, including our infrastructure. While there are a lot of advantages to Infrastructure as Code, IaC, there are new dangers as well. An unnoticed misconfiguration or security issue in one file can quickly replicate issues throughout all of your environments.

In 2021, GitGuardian scanned over 1 billion data points on GitHub.com, and the results were stunning. More than 6 million secrets – think API keys, database connection strings, and private certificates – were exposed on the platform! Even more striking is the share of secrets and sensitive data exposed on the personal repositories of developers or open-source projects, of which SecOps teams lack visibility and control.

If you have ever run a secrets scanner against your entire codebase, it has likely raised hundreds if not thousands of findings, leaving you wondering, "Where should I start?" Unlike other vulnerabilities, hardcoded secrets represent a threat by themselves whether your code is running or not. Attackers with access to a repository will scan it inside out for secrets, turning every occurrence into a risk you cannot ignore. Still, this does not mean that you should treat all incidents equally!

Understanding your perimeter is an important part of eliminating secrets sprawl. In this short video, you will learn how GitGuardian defines your perimeter when using the GitGuardian Internal Monitoring Platform.

GitGuardian scans GitHub round the clock for companies' exposed secrets and alerts their security teams before it’s too late. This short demo shows exactly how GitGuardian's Public Monitoring platform can help you identify your developers on GitHub, even when using personal accounts, monitor your perimeter for secrets leaks, and help you collaborate with developers to remediate exposure.

Our Friends at Cybernews recently released some shocking research that showed thousands of Android applications are leaking hard-coded secrets like API keys. We are super excited to be sitting down with Cybernews researcher Vincentas Baubonis to take a deep dive into this study and uncover why this is such a pervasive vulnerability in Android Applications.