Keep Your Enemies Close and Your Secrets Closer

Presented at Diana Initiative 2022, Aug. 10, 2022, 2 p.m. (30 minutes).

Hackers can exploit lazy developers. Remember, an adversary can use detect secrets tools to find secrets in your codebase. If you are worried about leaving credentials in your codebase, you may have employed the very popular Open Source Yelp Detect Secrets. In this talk, she will showcase how she wrapped the Yelp Detect Secrets tool for use in Azure to take results and immediately export them to your backlog and how to use this extension to prevent access to your code.


Presenters:

  • Audrey Long - Commercial Software Engineering (CSE) at Microsoft
    Audrey Long is a Senior Security Software Engineer at Microsoft in the Commercial Software Engineering team (CSE), which is a global engineering organization that works directly with the largest companies and not-for-profits in the world to tackle their most significant technical challenges. To Audrey, security is like solving a puzzle, but with real life impact- and she loves to break these puzzles. Because security is such a focal point for many customers, but there are so few people, and especially women in the space, Audrey is passionate about making security accessible both to software engineers and as a career for girls in STEM. She holds DoD secret clearance and a Master of Science degree in Cyber Security at Johns Hopkins.

Links:

Similar Presentations: