ReversingLabs has added new secret detection capabilities to its software supply chain security (SSCS) tool to help developers prioritize remediation with context-based data on secrets.
In a development environment, secrets refer to digital authentication credentials used in software components including login credentials, API tokens, and encryption keys.
“We are using our knowledge of exposed secrets in the billions of files we’ve previously analyzed to provide that context,” said Tomislav Pericin, co-founder and chief software architect, ReversingLabs. “For example, commonly shared secrets used for testing open-source components that have been public for years are not secrets – so why tell developers to fix them.”
To read this article in full, please click here
Read MoreCSO Online