Our partners at GitGuardian have been scanning every single public commit made on GitHub for secrets since 2017, and they are now releasing their findings in the most comprehensive study on secrets sprawl ever conducted.
The community that has been built around GitHub, the Octoverse as it has become to be known, has been fundamental in changing how we use and build open-source components and software. Today there are more than 50 million developers using GitHub, 60 million repositories created in a single year and over 2 billion commits, the size of the Octoverse is outstanding.
GitHub today has become a place for developers to showcase their work and contribute to the millions of projects that form much of the building blocks modern software development is built upon. With such a vast resource of data publicly available, as you may imagine, there is also a huge number of sensitive data that is unknowingly or accidentally pushed to the platform, namely secrets like API keys, credentials and other digital authentication strings. These secrets can be used by attackers to gain access to infrastructure, systems and PII. When these secrets are distributed through multiple systems and services it creates a problem we collectively call secrets sprawl. Because code is so widely distributed through GitHub and because git keeps a complete record of a repository’s history, a public repository is arguably the worst place for a secret to end up.
How big of a problem is secrets sprawl on public GitHub? This has been very difficult to accurately quantify, until now!
Download the report here
Reach thousands of C-Level
Executives every month.
Do you have content that you feel will
resonate with our audience? We'd love to
welcome you as a guest contributor!
Premium content to our readers
interested in all things business.
Millennium Membership offers Fortune 1000 C-Level executives, leading public sector/government officials, and thought leaders across a variety of disciplines unique and exclusive opportunities to meet their peers, understand industry developments, and receive introductions to new technology and service advancements to help grow their career and overall company value.About Millenium Alliance
Launched in 2017, Digital Diary was created to provide premium content to our members interested in executive education and business transformation. With C-Suite executive and top academic contributors, interviews with industry leaders, and digital transformation insights from technology experts, Digital Diary has all of the professional development tools you need to stay ahead of the curve.
We are dedicated to distributing meaningful opportunities for our reader to increase their personal knowledge, simplify business initiatives, and to have the right information to build their capabilities and leadership skills at every level.
In the midst of disruption across all industries, our members are given the tools they need to digitally transform their organizations.
Interested in Learning More?
Connect with Us