Enhanced push protection features for developers and organizations

Check it out! 👇
https://github.blog/2023-08-09-enhanced-push-protection-features-for-developers-and-organizations/

#SecretScanning #Security #OpenSource

I’ve released more GitHub :github: Secret 🔑 Scanning 🔎 custom patterns, which you can use with Advanced Security.

Some are 🔥 (IMHO), some are for auditing only - e.g. my “common passwords” pattern, written to spot some of the most commonly leaked weak passwords - “P@55word123!” etc.

We have DataDog, Sentry, .Net configs, MS SQLServer user creation, and Bearer tokens.

https://aegilops.github.io/posts/new-github-secret-scanning-custom-patterns/

#GitHub #SecretScanning #AppSec #SDLC #regex

I’ve released more GitHub :github: Secret 🔑 Scanning 🔎 custom patterns, which you can use if you have Advanced Security.

Some are 🔥 (if I say so myself), some are for auditing only - e.g. my “common passwords” pattern, written to spot some of the most commonly leaked weak passwords - “P@55word123!” and the like.

We’ve got DataDog, Sentry, .Net configs, MS SQLServer user creation, and Bearer tokens.

https://lnkd.in/eqRG_FRa

#GitHub #SecretScanning #AppSec #SDLC #SecretsManagement #regex

Announcing the public preview of GitHub Advanced Security for Azure DevOps

Check it out! 👇
https://github.blog/2023-05-23-announcing-the-public-preview-of-github-advanced-security-for-azure-devops/

#SecretScanning #GithubAdvancedSecurity #DependencyScanning #CodeScanning #Security #Product

I kicked off my blog with a post about writing regex for GitHub Secret Scanning's custom patterns (which you get if you pay for Advanced Security):

https://aegilops.github.io/posts/regex-for-secret-scanning/

#GitHub #SecretScanning #SecureCoding #DevSecOps #regex #HyperScan

Do you know if you have secrets in your own code or configuration files in your repository?

In part 7/12 of our video series, Patrick Steger and I will show you how to find secrets in your own code or configuration files using @github .

👉 https://youtu.be/k-uuPTLNXGM

Here you can find our comparison of GitLab vs. GitHub: https://www.romanoroth.com/post/gitlab-vs-github-devsecops

#github #devsecops #devops #secretscanning #vulnerability

I have enabled GitHub's Secret scanning for 14k forked repositories from the Actions Marketplace. Here is what I have found (and why you should make sure you have this enabled)!

https://devopsjournal.io/blog/2023/01/22/Making-the-case-for-secret-scanning?utm_source=dlvr.it&utm_medium=mastodon

#DevSecOps #SecretScanning #GitHub

This is excellent news! GitHub is now providing secrets scanning for free for everyone! #WootWoot #GitHub #SecretScanning #SecureCode https://thehackernews.com/2022/12/github-announces-free-secret-scanning.html