Tanya Janca is an AppSec celebrity best known for founding We Hack Purple. In this video, she discusses what secret scanning is and why it's key (pun intended).
Secret scanning is a way to identify secrets left in your code. Secrets are information your application needs to know but is confidential - ex: username/password to connect to your database, a hash used, an API key, etc.
It's imperative that organizations always ensure their secrets are kept private and the easiest way to do it is to scan for secrets.
Links:
We Hack Purple - [ Ссылка ]
CloudDefense - [ Ссылка ]
