Secrets Management Best Practices and Tools - RUBY 655

2792.793 - 2816.413 Brian Vallelunga

Detection ahead of the breach, at least in the secret space, is almost zero from my understanding right now. There isn't a class of tooling yet for that. But on the scanning side, there's TruffleHawk, there's GitGuardian. GitHub is adding some stuff too. There is a space developing right now where basically you can scan. The goal is to scan the perimeter of your infrastructure, right?