Surviving the GitHub OAuth hack – remediating thousands of hardcoded credentials

3 pointslumberjack243y ago1 comments

While going through other HN threads, I noticed many participants in the discussions recommend that organizations noticing suspicious repo cloning activity start scanning source code for credentials. This is a great advice to limit the damage.

But where do you start when you find thousands of secrets exposed?

1 comments

lumberjack24OP3y ago

The other day I wrote a guide to help security and engineering teams prioritize and remediate thousands of such incidents. Hope it helps!

https://blog.gitguardian.com/a-practical-guide-to-prioritize...

j / k navigate · click thread line to collapse

Surviving the GitHub OAuth hack – remediating thousands of hardcoded credentials

3 pointslumberjack243y ago1 comments

But where do you start when you find thousands of secrets exposed?

1 comments

lumberjack24OP3y ago

The other day I wrote a guide to help security and engineering teams prioritize and remediate thousands of such incidents. Hope it helps!

https://blog.gitguardian.com/a-practical-guide-to-prioritize...

j / k navigate · click thread line to collapse