Legit Security has recently announced the launch of new enhancements to its secrets scanning product, aimed at providing comprehensive visibility and protection against security risks associated with secrets in application development. The new features include a secrets dashboard for integrated view of findings and recovery actions, as well as discovery and remediation capabilities for secrets found in developers’ personal GitHub repositories.
Secrets, such as API keys, tokens, credentials, and PII, are essential in application development but also pose a significant security threat due to their high value to attackers. Legit Security’s latest capabilities offer improved risk mitigation and reduction of the attack surface related to secrets.
According to Lior Barak, CPO at Legit Security, “Secrets are a serious security risk, and because they are so omnipresent, they are ripe targets for threat actors seeking access to sensitive resources.” The company’s AI-powered solution aims to address the challenge of false positives often seen in other secrets scanning tools, providing accurate results and prevention tools to control risk across the business.
The rise in non-human identities (NHIs) requiring credentials has led to an increase in the prevalence of secrets beyond source code, requiring security teams to expand their focus to systems such as ticketing platforms, artifact registries, and collaboration tools like Confluence and Slack.
The new secrets dashboard from Legit Security offers centralized visualization, analytics, prevention insights, and trends to help organizations prioritize remediation and measure the effectiveness of their security programs. Additionally, the ability to discover secrets in personal GitHub repositories enables teams to monitor and prevent exposure of sensitive information.
With Legit’s advanced capabilities, organizations can gain a comprehensive view of their secrets posture, identify trends over time, and strengthen their security posture throughout the software development lifecycle. A free trial of Legit’s secrets detection and prevention solution is available for organizations looking to enhance their security measures.