GitHub has recently announced that they have made secret scanning freely available for all public repositories hosted on their platform. GitHub’s secret scanning feature would alert repository owners of all leaked secrets that have been included in their repositories. This is not just limited to the code and includes the repository history, issues, description and comments. Leaked secrets have been a common cause of compromise. If you are an owner of a public repository on GitHub, I highly recommend that you have secret scanning enabled for all your repositories.
This segment was created for the It’s 5:05 podcast