State of Secrets Sprawl on GitHub – 2021

By digitaldiary on March 16, 2021

Our partners at GitGuardian have been scanning every single public commit made on GitHub for secrets since 2017, and they are now releasing their findings in the most comprehensive study on secrets sprawl ever conducted.

The community that has been built around GitHub, the Octoverse as it has come to be known, has been fundamental in changing how we use and build open-source components and software. Today there are more than 50 million developers using GitHub, 60 million repositories created in a single year and over 2 billion commits. The size of the Octoverse is outstanding.

GitHub today has become a place for developers to showcase their work and contribute to the millions of projects that form many of the building blocks on which modern software development is built. With such a vast resource of data publicly available, as you may imagine, there is also a huge amount of sensitive data that is unknowingly or accidentally pushed to the platform, namely secrets like API keys, credentials and other digital authentication strings. These secrets can be used by attackers to gain access to infrastructure, systems and PII. When these secrets are distributed through multiple systems and services, it creates a problem we collectively call secrets sprawl. Because code is so widely distributed through GitHub and because git keeps a complete record of a repository’s history, a public repository is arguably the worst place for a secret to end up.

How big of a problem is secrets sprawl on public GitHub? This has been very difficult to accurately quantify, until now!

Download the report here
