Secrets Scanning Checklist

Hardcoding secrets enables developers to seamlessly access or authenticate the services needed to build and deploy applications. But those secrets, if not stored securely, present a huge risk. Hardcoded secrets such as passwords, credentials, API keys, and important tokens can be exposed in source code, build logs, infrastructure as code (IaC), repositories, and more. If important credentials fall into the hands of a bad actor, they could be used to gain privileged access to leak data, tamper with code, steal sensitive information, shut down services, or run up exorbitant fees.

Because hardcoded secrets are so common, particularly in matrixed development organizations and within cloud-native applications, they’re becoming a popular target for bad actors.

Secrets security solutions can help you get ahead of these risks and adopt a well-rounded code security program. But not all secrets scanning tools provide the breadth or depth of coverage you need to identify and protect your secrets.

In this checklist, we’ll cover the six key criteria you should look out for when evaluating a secrets scanning
solution.

View Checklist

Free Download

Please enter your contact information and click the download button. You will receive an email with your download link.

I have read and agree to the Palo Alto Privacy Statement.

I have read and agree to the Palo Alto Terms of Use.

I consent to B2B Media Group GmbH with its affiliated companies and Enigma Marketing Pte Ltd processing my data for marketing purposes, in particular for marketing-related contact via email and telephone.

You can withdraw your consent at any time by emailing privacy@b2bmg.com (subject: Enigma Marketing Pte Ltd). Further information can be found in the Privacy Notice.

Privacy / download conditions:

Date: 1.8.2018

Client

B2B Media Group GmbH, Bahnhofstraße 5, 91245 Simmelsdorf (B2B MG)

Partner

Enigma Marketing Pte Ltd

Fields marked with * are mandatory