https://romanoroth.com/en/tags/gitleaks/Recent content in GitLeaks on Romano RothHugo -- gohugo.ioenRomano RothWed, 28 Sep 2022 00:00:00 +0000https://romanoroth.com/en/blogs/gitlab-devsecops-secret-detection/Wed, 28 Sep 2022 00:00:00 +0000https://romanoroth.com/en/blogs/gitlab-devsecops-secret-detection/<p>Hard-coded passwords and API keys are still one of the most common ways credentials leak. They get committed by accident, stay in the git history forever, and only show up when someone is already exploiting them. In Part 7 of our GitLab DevSecOps series, Patrick Steger and I add Secret Detection to the same pipeline we have been growing — one line of YAML — and then look at what GitLeaks actually finds, what it quietly misses, and what to do about it.</p>