Secret Scanning in Open Source at Scale - An In-Depth Analysis

Hack In The Box Security Conference via YouTube

Overview

Explore an in-depth conference talk from HITB 2024 Bangkok that delves into large-scale secret scanning research across open-source assets. Learn about the critical findings from scanning over 2 million npm packages, 60,000 WordPress plugins, and Ruby Gems for exposed secrets like private API keys from 33 different providers including AWS and Google. Discover the implications of supply chain security vulnerabilities following incidents like Log4j, and gain practical insights into preventing such exposures through CI/CD pipeline automation. Presented by Danish Tariq, a seasoned Security Engineer with 8+ years of experience and notable contributions to bug bounty programs for Microsoft, Apple, Nokia, and others, who was also a Black Hat MEA 2022 speaker and has multiple CVE discoveries.

Syllabus

#HITB2024BKK D1 - Secret Scanning in Open Source at Scale (in-depth)

Taught by

Hack In The Box Security Conference
