Stop Secrets Creep Across Developer Platforms

Dark Reading Confidential: Stop Secrets Creep Across Developer Platforms

Dark Reading Confidential Episode 13 highlighted the increasing exposure of sensitive enterprise information by developers; 23 million secrets were found in public spaces last year alone. The podcast featured experts discussing the causes and potential solutions to this growing problem.

The ideal model assumes developers follow security best practices, but reality shows credentials, API keys, and other sensitive data are increasingly found in code repositories, CI/CD pipelines, and collaboration tools like Slack and JIRA. This widespread exposure creates significant risk, with potential for data breaches, financial loss, and reputational damage—attacks are happening through these tools more often than previously thought.

Key Insights

• 23 million secrets exposed: GitGuardian reported finding 23 million secrets in public spaces in the past year (2024).
• Convenience vs. Security: Developers often prioritize speed and convenience, leading to shortcuts that expose secrets.
• Temporal for Secret Management: Temporal is used by companies like Stripe and Coinbase for managing stateful workflows, offering a more secure alternative to traditional methods for handling sensitive data.