Detecting Sensitive Data Leaks That Matter

Read the original article: Detecting Sensitive Data Leaks That Matter


Last time, I talked about the perils of leaving secrets in open-sourced code and how to detect those secrets using regex and entropy analysis: https://blog.shiftleft.io/scanning-for-secrets-in-source-code-9fcb486f8c0e.

Hardcoded secrets are an example of a sensitive data leak. Sensitive data leaks happen when an application exposes sensitive data, such as credentials, secret keys, personal information, or configuration information, to people who shouldn’t have access to that information.

