Dwayne McDaniel

Stop Committing Your Secrets - GIt Hooks To The Rescue!

What if you could automatically block secrets from ever entering your Git history? Learn how pre-commit hooks prevent costly leaks before they happen.

Stop Committing Your Secrets - GIt Hooks To The Rescue!
#1about 4 minutes

The high cost of accidental secret leaks in code

Major companies like Uber, Toyota, and Samsung have suffered significant breaches due to hard-coded credentials found in source code.

#2about 7 minutes

Why hard-coded secrets are a growing developer problem

The number of secrets exposed in public repositories is growing faster than developer population growth, often due to hurried workflows.

#3about 6 minutes

How Git's design makes committed secrets permanent

Git stores a complete, compressed snapshot of files for every commit, meaning a secret committed once remains in the repository's history forever.

#4about 5 minutes

Why manual secret management is not enough

Relying solely on .gitignore files or vaults is insufficient because human error can lead to accidental commits, which are very difficult to remove from history.

#5about 9 minutes

Automating secret prevention using local Git hooks

Git hooks provide a built-in automation platform to run scripts that can scan for secrets and block commits before they are created.

#6about 5 minutes

Comparing open source tools for secret detection

Several open source tools like AWS Git Secrets, TruffleHog, and GG Shield can be used to implement pre-commit hooks for secret detection.

#7about 2 minutes

Demo of a Git hook blocking a secret commit

A practical demonstration shows how a pre-commit hook (GG Shield) detects hard-coded AWS keys and prevents the commit from completing.

#8about 16 minutes

Key takeaways for preventing secret leaks in code

The best strategy is to avoid committing secrets in the first place by using automation like Git hooks and leveraging open source tools.

Related jobs
Jobs that call for the skills explored in this talk.

Job ad Dark

SabIna compys

SabIna compys
Vienna, Austria

Remote
20-100K
Intermediate
JavaScript
.NET
+1

Matching moments

Securing developer access and development tools
03:16 MIN

Securing developer access and development tools

Securing your application software supply-chain

Securing workflows with secrets and best practices
02:32 MIN

Securing workflows with secrets and best practices

CI/CD with Github Actions

Understanding the fundamentals of GitHub Secrets
02:13 MIN

Understanding the fundamentals of GitHub Secrets

Best Practices for Using GitHub Secrets

Prevent leaked secrets with push protection and scanning
02:42 MIN

Prevent leaked secrets with push protection and scanning

Real-World Security for Busy Developers

The risk of exposing credentials in Git repositories
04:08 MIN

The risk of exposing credentials in Git repositories

Securing Secrets in the GitOps era

Key takeaways for securing your application pipeline
02:45 MIN

Key takeaways for securing your application pipeline

Securing Your Web Application Pipeline From Intruders

Q&A on GitOps secret management practices
18:28 MIN

Q&A on GitOps secret management practices

Securing secrets in the GitOps Era

Preventing leaked secrets and managing dependencies
02:14 MIN

Preventing leaked secrets and managing dependencies

How GitHub secures open source

Featured Partners

Related Videos

See all videos
Best Practices for Using GitHub Secrets36:33

Best Practices for Using GitHub Secrets

Marcel Lupo

Real-World Security for Busy Developers29:50

Real-World Security for Busy Developers

Kevin Lewis

Securing secrets in the GitOps Era58:52

Securing secrets in the GitOps Era

Davide Imola

Securing Secrets in the GitOps era58:57

Securing Secrets in the GitOps era

Alex Soto

Securing Your Web Application Pipeline From Intruders44:30

Securing Your Web Application Pipeline From Intruders

Milecia McGregor

How GitHub secures open source25:28

How GitHub secures open source

Joseph Katsioloudes

GitLab CI pipelines for a whole company32:29

GitLab CI pipelines for a whole company

Martin Beránek

Walking into the era of Supply Chain Risks37:36

Walking into the era of Supply Chain Risks

Vandana Verma

Related Articles

View all articles
CH
Chris Heilmann
Dev Digest 138 - Are you secure about this?
Hello there! This is the 2nd "out of the can" edition of 3 as I am on vacation in Greece eating lovely things on the beach. So, fewer news, but lots of great resources. Many around the topic of security. Enjoy! News and ArticlesGoogle Pixel phones t...
Dev Digest 138 - Are you secure about this?
Dev Digest 108 - Git off my cloud!
Welcome to another edition of the WeAreDevelopers Dev Digest. This time we have an interview with Sead Ahmetovic, CEO of of WeAreDevelopers and Scott Chacon, co-Founder of GitHub. They talk about careers, early coding days, developer communities, eva...
Dev Digest 108 - Git off my cloud!
CH
Chris Heilmann
Dev Digest 125 - Duck and Cover
This issue was written live at the WeAreDevelopers World Congress in Berlin with us being incredibly busy, but this shouldn't mean you don't get some hot resources. News and ArticlesLet's start with AI news: Google and Microsoft consume more power th...
Dev Digest 125 - Duck and Cover

From learning to earning

Jobs that call for the skills explored in this talk.