In episode 55 of the Acceleration Economy Minute, Kieron Allen highlights GitGuardian, which is on our Top 10 list of Cybersecurity Enablers.
This episode of the Acceleration Economy Minute is sponsored by Acceleration Economy’s Digital CIO Summit, taking place April 4-6. Register for the free event here. Tune in to the event to hear from CIO practitioners discuss their modernization and growth strategies.
00:40 — Kieron profiled GitGuardian earlier this week. The company is making waves with its focus on protecting secrets. Kieron defines what “secrets” means in a development context.
00:58 — Many developers store secrets — which in this context means API keys, tokens, and programmatic passwords — in public repositories, most notably GitHub.
01:24 — In a public repository, these secrets are irresistible to nefarious actors. The more secure practice, which isn’t followed as much as it should be, is to store secrets in secure files or vaults.
01:40 — Sometimes developers need to go fast and want to test a key and hard-code the secret, so it’s then visible in the code. This is the exact problem GitGuardian is addressing. GitGuardian helps organizations build secure software and support collaboration between developers and security teams by making users aware of any secrets that might be visible on GitHub repositories.
01:57 — The company makes a secrets detection engine that can uncover over 350 different types of secrets. The technology scans public and, when allowed, private Git repositories so it can alert customers as soon as a secret is leaked or exposed. Git Guardian also provides organizations with information on severity and related analytics so they can take proper remediation steps.
02:23 — GitGuardian is addressing a big problem that has affected very large companies including Samsung and Uber.
Which companies are the most important vendors in cybersecurity? Click here to see the Acceleration Economy Top 10 Cybersecurity Shortlist, as selected by our expert team of practitioner-analysts.