Gaining Initial Access by Exploiting Leaked Credentials

Explore the critical issue of leaked credentials and their exploitation in this DevConf.CZ 2023 conference talk. Delve into the alarming prevalence of exposed secrets like API keys, security certificates, and other credentials across the internet. Discover the findings of GitGuardian's research project, which uncovered 6 million leaked secrets on GitHub.com and revealed that nearly 5% of docker images contain plain text credentials. Examine the anatomy of recent breaches to understand how attackers locate and exploit these vulnerabilities to infiltrate organizations. Learn essential strategies to prevent credential leaks and protect your organization's crown jewels from unauthorized access. Gain valuable insights into the growing threat landscape and equip yourself with the knowledge to safeguard your digital assets effectively.