Description
Remember that once things are checked into public source control, you can never claw them back; they must be rotated or discarded. Keeping secrets out of even commit histories is critical to keeping software secure.
Best Practices
- You can use tools like detect-secrets, truffelhog, or gitrob to scan your repositories for secrets
- Keep application secrets in a secrets vault such as Azure Key Vault
Description
Remember that once things are checked into public source control, you can never claw them back; they must be rotated or discarded. Keeping secrets out of even commit histories is critical to keeping software secure.
Best Practices