State of Secrets Sprawl on GitHub – 2021

  • By digitaldiary
  • on March 16, 2021

Our partners at GitGuardian have been scanning every single public commit made on GitHub for secrets since 2017, and they are now releasing their findings in the most comprehensive study on secrets sprawl ever conducted.

The community that has been built around GitHub, the Octoverse as it has come to be known, has been fundamental in changing how we use and build open-source components and software. Today more than 50 million developers use GitHub, with 60 million repositories created in a single year and over 2 billion commits; the size of the Octoverse is outstanding.

GitHub has become a place for developers to showcase their work and contribute to the millions of projects that form many of the building blocks of modern software development. With such a vast amount of data publicly available, a huge amount of sensitive data is also unknowingly or accidentally pushed to the platform, namely secrets such as API keys, credentials and other digital authentication strings. Attackers can use these secrets to gain access to infrastructure, systems and PII. When secrets are distributed across multiple systems and services, the result is a problem we collectively call secrets sprawl. Because code is so widely distributed through GitHub and because git keeps a complete record of a repository’s history, a public repository is arguably the worst place for a secret to end up.

How big of a problem is secrets sprawl on public GitHub? This has been very difficult to accurately quantify, until now!

Download the report here
