Description:
Last year I started to get alerts from Microsoft Repos that someone had put a piece of security information in their code that pertained to one of my Azure services. At first I was worried, but then I realized this was the public version of AdventureWorks we maintain in Azure. We've published the login so people can test code against this if they want, and I started ignoring the warnings. Well, not ignoring. I still glance over them to verify the issue, but I'm less concerned. That doesn't mean that you shouldn't be concerned about sensitive information in repos. I saw this quote: "Bots are crawling all over GitHub seeking secret keys, a developer served with a $2,375 Bitcoin mining bill found." This follows a sentence that says "It once caused Uber to leak the contact details of 75m users". These are from an interesting look at a way to secure code that might leak API keys. The idea is that you secure code on local commits and prevent secrets from being stored in your VCS. Read the rest of Securing Code Early