"Nosey Parker: Find Sensitive Information in Textual Data and Git History"

Praetorian has open-sourced the Nosey Parker secret scanning tool's regular expression-based (RegEx) scanning capabilities. One of the more common attack vectors for an organization is inadvertent secret disclosure. Nosey Parker addresses the pervasive problem of sensitive information such as passwords, Application Programming Interface (API) keys, access tokens, asymmetric private keys, client secrets, and credentials being exposed in source code and configuration files. If an attacker discovers these secrets, they could access keys to other systems. Application security engineers, cloud security engineers, site reliability engineers, and developers can use the open-source RegEx version to quickly find the number of security incidents and their location, preventing a manual, time-consuming process. According to Praetorian, the newly released version scan 100 gigabytes of Linux Kernel source history on a laptop in five minutes.

Help Net Security reports "Nosey Parker: Find Sensitive Information in Textual Data and Git History"