How to reduce false positives while scanning for secrets

Secrets in code are a pervasive and ever increasing attack vector in modern software companies.  If you’ve ever used a secret scanning tool to detect secrets in your code, you’ve probably had to deal with the overwhelming amount of false positives.  In some cases, the level of noise is so high that it can be […]

How to help developers keep secrets out of code

What’s a secret? That’s a good question. But if you’re here, you probably already understand what a secret is, with regards to software engineering. You also understand that once code has been merged, detecting and fixing security related defects in code can cost your business time, money, and expose your organization to security risks. And […]

The Top Five Secrets Found in Code

Your code is not just a means for you to deploy an application, it’s also the means by which a hacker can gain access to a network or the data contained within or without. This has become even more apparent with the advent of cloud native development, where a single app or service consists of […]