From the course: Application Security in DevSecOps
Continuous secret scanning
- [Instructor] In today's cloud-first world, protecting our secrets has become more challenging than ever. This isn't just about traditional cloud providers like AWS and Azure; it extends to our entire development ecosystem, including code repositories like Bitbucket and GitHub. Today, we'll explore how to proactively scan our code for secrets before they make it to production. Secret scanning is your first line of defense against accidentally exposed credentials in your code base. Here's what you need to know. Common exposures include AWS keys, passwords, and API tokens. Infrastructure as code files are particularly vulnerable. Best practice is to implement pre-commit hooks to catch secrets before they're committed. Failed scans should block the commit process. When selecting a secret scanning solution, consider these key factors. Accuracy is paramount. Look for tools with sophisticated entropy detection. Avoid solutions that rely solely on simple regex patterns. Speed matters…
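The pre-commit approach described above, as an added example that is not part of the course: a small Python scanner that combines known-format patterns (the AWS access key ID format and credential-style assignments) with Shannon entropy detection over token-like strings, so that keys in formats no regex knows about are still caught, run over a constructed Terraform-style snippet. The 4.0 bits/char threshold, the `# allowlist secret` marker and all sample values are assumptions.

```python
import math
import re
import sys

# Known-format patterns are precise but only catch what they were written for.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "credential_assignment": re.compile(
        r"(?i)(secret|password|passwd|token|api[_-]?key)\s*[=:]\s*['\"]?[^\s'\"]{8,}"),
}
TOKEN_RE = re.compile(r"[A-Za-z0-9+/=_\-]{20,}")  # candidates for entropy analysis
ENTROPY_THRESHOLD = 4.0  # bits per char; assumed starting point, tune per code base
ALLOWLIST_MARK = "# allowlist secret"  # reviewed false positives opt out per line
# Constructed sample of an infrastructure-as-code file (no real credentials).
SAMPLE_TF = """\
region = "us-east-1"
aws_access_key_id = "AKIAIOSFODNN7EXAMPLE"
db_password = "correct-horse-battery-staple"
deploy_hook = "xK9qLm2vPz7wRt4bNy6sJh3dGf8cVa1e"
fixture_key = "AKIAIOSFODNN7EXAMPLE"  # allowlist secret
"""

def shannon_entropy(s):
    """Bits per character: random keys score high, words and dates score low."""
    n = len(s)
    return -sum(s.count(c) / n * math.log2(s.count(c) / n) for c in set(s)) if n else 0.0

def scan_text(path, text):
    """Return (path, line_no, reason) per suspicious line; an empty list means clean."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        if ALLOWLIST_MARK in line:
            continue
        reasons = [name for name, pat in PATTERNS.items() if pat.search(line)]
        for tok in TOKEN_RE.findall(line):
            ent = shannon_entropy(tok)
            if ent >= ENTROPY_THRESHOLD:  # catches key formats no pattern knows about
                reasons.append("high_entropy(%.2f)" % ent)
        findings.extend((path, line_no, r) for r in reasons)
    return findings

if __name__ == "__main__":
    # Pre-commit use: pass the staged file names; a non-zero exit blocks the commit.
    found = scan_text("sample.tf", SAMPLE_TF) if len(sys.argv) == 1 else []
    for p in sys.argv[1:]:
        with open(p, encoding="utf-8", errors="replace") as fh:
            found += scan_text(p, fh.read())
    for path, line_no, reason in found:
        print("%s:%d: possible secret (%s)" % (path, line_no, reason))
    sys.exit(1 if found else 0)
```

On the sample, the documented AWS example key is caught by its format, the passphrase only by the assignment pattern, and the random hook value only by entropy; wired into a hook as `git diff --cached --name-only --diff-filter=ACM | xargs python3 scan.py`, the non-zero exit blocks the commit.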
Contents
- Continuous static scanning (7m 7s)
- Continuous dynamic scanning (7m 31s)
- Interactive application security scanning (9m 11s)
- Continuous secret scanning (5m 40s)
- Continuous dependency scanning (4m 55s)
- Continuous container security (6m 12s)
- Continuous infrastructure as code scanning (6m 11s)
- AI application security (6m 6s)
- Continuous application runtime monitoring (5m 37s)