Exposed Credentials Across the DevSecOps Pipeline: 5 Places Secrets Hide in Plain Sight

{"version":"1.0","provider_name":"Palo Alto Networks Blog","provider_url":"https:\/\/www.prismacloud.io\/blog","author_name":"Sal Partovi","author_url":"https:\/\/www.prismacloud.io\/blog\/author\/spartovi\/","title":"Exposed Credentials Across the DevSecOps Pipeline: 5 Places Secrets Hide in Plain Sight","type":"rich","width":600,"height":338,"html":"

Exposed Credentials Across the DevSecOps Pipeline: 5 Places Secrets Hide in Plain Sight<\/a><\/blockquote><\/iframe><script type=\"text\/javascript\">\n\/* <![CDATA[ *\/\n\/*! This file is auto-generated *\/\n!function(d,l){\"use strict\";l.querySelector&&d.addEventListener&&\"undefined\"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!\/[^a-zA-Z0-9]\/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret=\"'+t.secret+'\"]'),o=l.querySelectorAll('blockquote[data-secret=\"'+t.secret+'\"]'),c=new RegExp(\"^https?:$\",\"i\"),i=0;i<o.length;i++)o[i].style.display=\"none\";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(\"style\"),\"height\"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):\"link\"===t.message&&(r=new URL(s.getAttribute(\"src\")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(\"message\",d.wp.receiveEmbedMessage,!1),l.addEventListener(\"DOMContentLoaded\",function(){for(var e,t,s=l.querySelectorAll(\"iframe.wp-embedded-content\"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(\"data-secret\"))||(t=Math.random().toString(36).substring(2,12),e.src+=\"#?secret=\"+t,e.setAttribute(\"data-secret\",t)),e.contentWindow.postMessage({message:\"ready\",secret:t},\"*\")},!1)))}(window,document);\n\/\/# sourceURL=https:\/\/www.prismacloud.io\/blog\/wp-includes\/js\/wp-embed.min.js\n\/* ]]> *\/\n<\/script>\n","thumbnail_url":"https:\/\/www.paloaltonetworks.com\/blog\/wp-content\/uploads\/2022\/10\/iStock-1194430859-edit-1280x1280-1.jpeg","thumbnail_width":1280,"thumbnail_height":720,"description":"Developers leverage hardcoded credentials to seamlessly access or authenticate the services needed to build and deploy applications. While this practice Discover the top five places exposed credentials hide in your organization and learn best practices to shift your secrets security left"}