In episode 63 of the Acceleration Economy Minute, Kieron Allen discusses GitGuardian, which is on our Top 10 list of Cybersecurity Enablers.
This episode is sponsored by Acceleration Economy’s Digital CIO Summit, taking place April 4-6. Register for the free event here. Tune in to the event to hear from CIO practitioners discuss their modernization and growth strategies.
00:36 — GitGuardian’s technology provides automated secrets detection and protection for DevSecOps, with a focus on the GitHub environment. The company has just released its annual State of Secrets Sprawl 2023 report.
Which companies are the most important vendors in cybersecurity? Check out
the Acceleration Economy Cybersecurity
Top 10 Shortlist.
01:02 — Some of the findings are “staggering” — there were 10 million secret occurrences detected by GitGuardian, up 67% compared to its 2022 report.
01:17 — Also, GitGuardian found that one code author out of 10 exposed a secret in the previous year.
01:30 — More than 80% of all the secrets caught by live monitoring of GitHub are usually exposed through developers’ personal repositories, even though a huge majority of the secrets are, in fact, corporate secrets. Why is this happening?
01:45 — There are some instances where malicious behavior is to blame but the sheer scale of the issue points to another factor: human error and misconfiguration in GitHub are incredibly easy. These are frightening findings; GitGuardian aims to highlight when secrets are exposed so companies can take remediation steps once they’ve been informed they’re at risk.
Want more cybersecurity insights? Subscribe to the Cybersecurity as a Business Enabler channel: