API Keys are an alternative to passwords for connecting to a computer or web service. Typically, API Keys are used by software applications to talk to other applications and are considered more secure than using userids and passwords to authenticate. Unfortunately, too many developers don’t treat APIkKeys like the security risk they are. API keys […]
Continue reading → [DISPLAY_ACURAX_ICONS]We hear stories about the time it takes to weaponize security patches. This test, by Orca Security, tested a different problem. They wanted to know how long it takes hackers to discover secrets that you leave exposed in your cloud environment. They tested a variety of resources from Github to AWS. The good news is […]
Continue reading → [DISPLAY_ACURAX_ICONS]GitGuardian reported yesterday that organizations leaked more than 6 million passwords, API keys and other secrets last year. That is just in the code that they scanned. This is double the number found the year before. In part, this is due to better software that can sniff out these secrets. That translates to 3 out […]
Continue reading → [DISPLAY_ACURAX_ICONS]