Research area: Safety
Conference: 2021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)
Development platforms, such as GitHub, GitLab, and BitBucket, have become very popular among software developers. Unfortunately, it is not uncommon for developers to inadvertently leak secrets (e.g. API keys, credentials) and confidential source code on public Git repositories, facilitating numerous security breaches that impact reputation and result in losing revenue. Current Git leak detection strategies and tools often fall short due to a high false-positive rate, an ever-growing number of platforms and repositories to inspect, and a limited reach. This paper investigates the shortcomings of traditional Git leak detection methodologies and introduces an alternative approach to overcome those shortcomings. The approach consists of identifying all Git repositories associated with an organisation by collecting the URLs and the respective maintainer names from its endpoint fleet, empowering blue-teams to prioritise content inspection efforts against a well-defined set of targets and to boost incident response capabilities. The paper describes a prototype we implemented that serves as a proof of concept for the approach.
| Publication year | 2021 |
|---|---|
| Citations | 4 |
| Country of publication | United Kingdom, Andorra |
| Site | IEEE |
| Likes | 0 |