From the course: Application Security in DevSecOps
Continuous secret scanning
- [Instructor] With the move to cloud being more popular than ever, keeping our programming secrets is becoming more of a challenge. And I'm not just talking about AWS and Azure, but cloud tools like Bitbucket and GitHub where application code is stored. In this chapter, we'll talk about how we can scan our code for secrets prior to deploy. The idea with secret scanning is to look through all of your code for secrets accidentally hard-coded during the development process. AWS keys, passwords, and things like that are the most commonly found secrets that have been accidentally exposed publicly. When performing this analysis, don't forget to include your infrastructure as code in the scanning. Many times, cloud keys are stored in the code to make deployments easier and they're never removed. From a process point of view, I normally do this as a pre-commit hook in my job and fail if secrets are found. The right tool has…
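A sketch of the kind of check described above, added here as an example and not taken from the course or its exercise files: it scans files, infrastructure as code included, for AWS access key IDs and hard-coded credentials and returns a failing status when any are found. The rule set, the placeholder list and the Terraform sample are constructed for illustration.

```python
import re
import sys

# Constructed rule set for illustration; real scanners ship many more rules.
RULES = {
    "aws-access-key-id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "hardcoded-credential": re.compile(
        r"""(?:password|passwd|secret|api_key)\w*\s*[:=]\s*["']([^"'\s]{8,})["']""",
        re.IGNORECASE),
}
# Variable references and obvious dummies are not secrets.
PLACEHOLDER = re.compile(r"^(?:\$\{.*\}|<.*>|changeme|x+|\*+)$", re.IGNORECASE)

# Constructed Terraform input; the key is AWS's published documentation example.
SAMPLE_TF = '''provider "aws" {
  access_key = "AKIAIOSFODNN7EXAMPLE"
  region     = "us-east-1"
}
resource "aws_db_instance" "db" {
  password = "${var.db_password}"
  username = "admin"
}
db_password = "Sup3r-constructed-pw"
'''

def scan_text(path, text):
    """Return (path, line_no, rule) for every suspected secret in text."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for rule, pattern in RULES.items():
            for match in pattern.finditer(line):
                value = match.group(match.lastindex or 0)
                if not PLACEHOLDER.match(value):
                    findings.append((path, line_no, rule))
    return findings

def main(paths):
    """Scan the given files; return 1 (fail the hook) if anything is found."""
    findings = []
    for path in paths:
        with open(path, encoding="utf-8", errors="replace") as handle:
            findings += scan_text(path, handle.read())
    for path, line_no, rule in findings:
        # Report location and rule only, never the secret value itself.
        print(f"{path}:{line_no}: possible {rule}", file=sys.stderr)
    return 1 if findings else 0

if __name__ == "__main__":
    sys.exit(main(sys.argv[1:]))
```

Called from a Git pre-commit hook with the staged file paths as arguments, the non-zero exit status aborts the commit.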
Contents
- Continuous static testing (4m 20s)
- Continuous dynamic testing (4m 15s)
- Interactive application security testing (4m 29s)
- Continuous secret scanning (3m 41s)
- Continuous library security testing (3m 45s)
- Continuous container security (2m 41s)
- Continuous container security demo (2m 27s)