Amid a spike in attacks on software supply chains, GitGuardian launched HasMySecretLeaked.com, a site that allows developers and appsec teams to search for exposed secrets.
GitHub
Episode 248: GitHub’s Jill Moné-Corallo on Product Security And Supply Chain Threats
In this episode of the Security Ledger Podcast, Paul speaks with Jill Moné-Corallo, the Director of Product Security Engineering Response at GitHub. Jill talks about her journey from a college stint working at Apple’s Genius bar, to the information security space – first at product security at Apple and now at GitHub, a massive development platform that is increasingly in the crosshairs of sophisticated cyber criminals and nation-state actors.
Spotlight: How Secrets Sprawl Undermines Software Supply Chain Security
Mackenzie Jackson, the Developer Advocate at GitGuardian joins Paul to discuss how “secrets sprawl” on sites like GitHub threatens software supply chains.
Dispute Over Data Leak Highlights Legal Risks for UK Researchers
An expensive, months-long legal tussle between a UK engineer and a healthcare non-profit is spurring calls for reform to the country’s 30 year-old Computer Misuse Act, which Dyke and others contend criminalizes the work of ‘Good Samaritan’ security researchers acting in the public interest.
Researchers Test UN’s Cybersecurity, Find Data on 100k
Independent security researchers testing the security of the United Nations were able to compromise public-facing servers and a cloud-based development account for the U.N. and lift data on more than 100,000 staff and employees, according to a report released Monday.