Over 39 million API keys, credentials, and other secrets leaked onto GitHub’s platform last year, but an update to its scanning tool could help stop that.
The widely used cloud-based version-control platform automatically blocks ‘several secrets every minute’ from going into production, but secrets leaks remain a major challenge for users of the service.
While secrets are often exposed accidentally, many breaches also come from well-meaning developers who intentionally share them without realizing the risks, GitHub said in a blog post.