“ This is a recurring limitation but also a recurring blind spot most companies do not bear in mind . We often hear ‘ I am not open sourcing so why should I care about public GitHub ?’, the issue is that secrets sprawling occurs most of the time on developers ’ personal repositories ,” said Henri Hubert , Head of GitGuardian Secrets Team .
It was at this point that Talend decided to look for a ready-made solution available on the market . The desired solution needed to allow for active monitoring of all its GitHub code repositories as well as the public personal code repositories of its developers .
Hardy said : “ We started by looking at open-source solutions but they did not meet our expectations . In particular , it was necessary to declare all the
Once we decided to deploy GitGuardian ’ s GitHub public monitoring solution , the ramp-up was rapid . As soon as we had access to the platform , we were able to start remediating past incidents .
directories to be monitored , which represented a substantial workload .”
Indeed , it is tricky to identify personal repositories belonging to developers , especially when dealing with
www . intelligentcio . com INTELLIGENTCIO NORTH AMERICA 49