Modern development practices are a blessing and a curse for organizations. Efficiency gains delivered by distributed workforces, and blended in and out-sourced development teams require collaboration tools like online code repositories. But these tools increase the chance of mistakes and create another attack surface to monitor for security problems. Security teams need new tools to enable these practices securely.
Today, these issues are compounded by a combination of threat actors scouring public repositories for access keys, careless behavior when it comes to building code, and a lack of knowledge as to how to secure software collaboration platforms.
With the relentless march of increasing digital business, technical data is an attractive target, made even easier to obtain when data is easily – and mistakenly – posted online. Notably, Digital Shadows (now ReliaQuest) scanned 150 million entities across GitHub, Pastebin and GitLab, detecting 800,000 access keys and secrets– which demonstrates the scale of the problem. Access keys are highly sensitive and highly sought after data as they’re technically forms of credentials, and credentials are the digital crown jewels.
These issues have seen headlines already and are set to generate more. Once an access key is exposed, it offers the potential for actors to gain access to applications, devices or corporate networks, which can consequently allow them to gain access to sensitive data.
Launching the new Access Keys Credential Alert
Today, we’re making it simpler for security teams to continuously monitor for technical exposure with the new exposed access key alert. Now SearchLight (now ReliaQuest’s GreyMatter Digital Risk Protection) notifies users when an access key or secret has been detected on a public code repository or paste site, complete with risk score for prioritization, source file and matched assets, which allow for greater relevance.
Detailed context unified in a single view
Often organizations don’t know who in the business has leaked data and where it’s been posted – made even more challenging when this is outsourced. Has the employee or contractor posted online before? What’s their historical activity?
Each alert features detailed information, including what was leaked, where and when. Additionally, as Shadow Search is built-in, users can have a succinct view of the historical activity related to that alert, building a richer, contextualized picture, helping security teams to make more informed decisions.
Minimize the attack surface with accessible remediation tools
With the latest source file information provided, users can determine who I may need to provide this information to in order to have the risk remediated. Digital Shadows (now ReliaQuest) can support the remediation of risk through playbook support and takedowns.
To find out more about our technical leakage detection capabilities, read our resources or reach out to a member of our team.