If you are reading this, you probably already know how critical it is to NOT hardcode credentials into source code, especially if this code is going to be committed in a public GitHub repo. Certainly, GitHub knows this too, and they provide secret scanning for all public repositories, as part…

In our first article, we will walk you through the just-released PinataHub platform, the largest archive of leaked credentials and secrets in public GitHub repositories. Some background: Forgetting secrets in the source code is a very common problem in the DevOps world, which can have disastrous consequences for any organization. Many have…