In the “almost didn’t make it” file, quoting from Bleeping Computer…
On Monday, GitHub announced that it expanded its code hosting platform’s secrets scanning capabilities for GitHub Advanced Security customers to block secret leaks automatically.
Secret scanning is an advanced security option that organizations using GitHub Enterprise Cloud with a GitHub Advanced Security license can enable additional repository scanning.
It works by matching patterns defined by the organization or provided by partners and service providers. Each match is reported as a security alert in the repos’ Security tab or to partners if it matches a partner pattern.
Why do we care?
That last two statements are why the story cut – service providers can define the patterns.
That smells like a consulting and services opportunity. Listeners, how would this service look? Someone enlighten me – or go forth and make this a services opportunity yourself, then come back and tell me how you did it. Are you doing this now? That line isn’t there for no reason. That’s why we care.