Threat actors actively scouring code repositories such as GitHub for an easy way to infiltrate organizations
Digital Shadows, the leader in digital risk protection, has today announced the ability to detect exposed access keys. A combination of misconfiguration, inexperience, and laziness means that software developers are exposing access keys at an alarming rate. With threat actors routinely scouring code repositories for leaked keys, security teams need a fast, scalable solution to monitor these sites for their exposed technical assets.
Customers of Digital Shadows will now be able to identify in near real-time where these keys have been exposed. Most leakage is accidental, due to poor security practices – such as sensitive data being committed to public repositories, rather than private ones. SearchLight users will be notified when an access key has been detected on a public code repository or paste site, complete with a risk score for prioritization, source file, and matched assets. This means that remediation is quick and simple: either revoke the credential or tweak the configuration settings.
Russell Bentley, VP of Product at Digital Shadows, comments: “As software development has become increasingly distributed between in-house and outsourced teams it has become increasingly challenging to monitor the exposure of sensitive information. Every day, sensitive technical information like keys and secrets are exposed online to code collaboration platforms. Normally this is accidental, but we have seen evidence that threat actors are scouring public repositories and looking to use it in order to access sensitive data and infiltrate organizations. This new functionality within SearchLight will make it quick and simple to stop attackers in their tracks.”
SearchLight’s new access key alerting helps organizations monitor for access key and secret exposure, providing Digital Shadows customers with complete visibility with minimal effort. This includes the ability to:
- Identify in near real-time who has exposed technical data: Each alert is tailored to an organization, and built-in configuration minimizes false positives and increases relevance.
- Built-in ‘playbooks’ enable organizations to learn how to reduce exposure and remediate risks.
- Comprehensive coverage, for increased visibility: Automated detection of access keys across the broadest set of sources.
- Build a clear picture with enriched data: As Shadow Search is built into the alert, users can have a succinct view of the historical activity related to that alert, building a richer picture and helping security teams to make decisions more quickly.