Detecting secrets in code committed to Gitlab

preview_player
Показать описание
This was my recent experiment on how to detect API keys (secrets) in code committed to Gitlab in real time. I have talked about all the different ways we could achieve real time detection, challenges we faced and how we solved them.

If you are planning to implement secrets detection in your organization, this will be a good start.

  1. Chandrapal Badshah
  2. gitlab
  3. security
  4. secrets detection
  5. api keys
Рекомендации по теме
Detecting secrets in 0:29:27

Detecting secrets in code committed to Gitlab (in real time) - Chandrapal Badshah

Detecting secrets in 0:25:02

Detecting secrets in code committed to Gitlab

Detecting Secrets in 0:04:07

Detecting Secrets in Code Security Demo

[Webinar] Detect hardcoded 1:07:47

[Webinar] Detect hardcoded secrets with ggshield, the GitGuardian CLI

Tryhackme Committed Walkthrough 0:08:38

Tryhackme Committed Walkthrough | How to enumerate git commits for secrets

How to Detect 0:13:37

How to Detect Secret Keys in Git? | Episode 1

ToorCon XX — 0:40:13

ToorCon XX — FINDING SECRETS IN SOURCE CODE WITH TRUFFLEHOG - Dylan

Scanning for hardcoded 0:05:39

Scanning for hardcoded secrets in source code | Security Simplified

How to create 0:13:22

How to create a pre-push git hook to detect hardcoded secrets like API keys & credentials

Detect hardcoded secrets 0:16:32

Detect hardcoded secrets in pre-commit hooks & GitHub Actions with ggshield, the GitGuardian CLI

Prevents you from 0:17:31

Prevents you from committing secrets and credentials into git repositories - Abhinav Sejpal

GitGuardian for Secrets 0:09:39

GitGuardian for Secrets Detection

Detect Secrets Demo 0:09:16

Detect Secrets Demo

So, you've committed 0:13:12

So, you've committed a secret, what next?

Remove a Secret 0:05:26

Remove a Secret from your Commits - Demo

Detect secrets with 0:13:27

Detect secrets with a pre-commit git hook using ggshield and the pre-commit framework

GitLab: DevSecOps: Part 0:14:37

GitLab: DevSecOps: Part 7/12: How to find secrets in your own code with Secret Detection

Scanning Code for 0:03:10

Scanning Code for Credentials using detect-secrets

How to Automatically 0:09:31

How to Automatically Run Detect-Secrets with Git Pre-Commit Hooks | Secure Your Code with Pre-Commit

Commit Virtual 2021: 0:14:46

Commit Virtual 2021: Secure your SDLC adding Integrated Secrets Detection

How to prevent 1:00:20

How to prevent and detect secrets, tokens and passwords in code.

Find Hard Coded 0:07:55

Find Hard Coded Secrets in Your Code - GitHub Checkout

Detect secrets like 0:23:11

Detect secrets like API keys in using simple Python script

Demo: Real time 0:01:18

Demo: Real time secrets detection on Gitlab

join shbcf.ru