Dwayne McDaniel

Stop Committing Your Secrets - GIt Hooks To The Rescue!

What if you could automatically block secrets from ever entering your Git history? Learn how pre-commit hooks prevent costly leaks before they happen.

Stop Committing Your Secrets - GIt Hooks To The Rescue!
#1about 4 minutes

The high cost of accidental secret leaks in code

Major companies like Uber, Toyota, and Samsung have suffered significant breaches due to hard-coded credentials found in source code.

#2about 7 minutes

Why hard-coded secrets are a growing developer problem

The number of secrets exposed in public repositories is growing faster than developer population growth, often due to hurried workflows.

#3about 6 minutes

How Git's design makes committed secrets permanent

Git stores a complete, compressed snapshot of files for every commit, meaning a secret committed once remains in the repository's history forever.

#4about 5 minutes

Why manual secret management is not enough

Relying solely on .gitignore files or vaults is insufficient because human error can lead to accidental commits, which are very difficult to remove from history.

#5about 9 minutes

Automating secret prevention using local Git hooks

Git hooks provide a built-in automation platform to run scripts that can scan for secrets and block commits before they are created.

#6about 5 minutes

Comparing open source tools for secret detection

Several open source tools like AWS Git Secrets, TruffleHog, and GG Shield can be used to implement pre-commit hooks for secret detection.

#7about 2 minutes

Demo of a Git hook blocking a secret commit

A practical demonstration shows how a pre-commit hook (GG Shield) detects hard-coded AWS keys and prevents the commit from completing.

#8about 16 minutes

Key takeaways for preventing secret leaks in code

The best strategy is to avoid committing secrets in the first place by using automation like Git hooks and leveraging open source tools.

Related jobs
Jobs that call for the skills explored in this talk.

Matching moments

Securing developer access and development tools
03:16 MIN

Securing developer access and development tools

Securing your application software supply-chain

Securing workflows with secrets and best practices
02:32 MIN

Securing workflows with secrets and best practices

CI/CD with Github Actions

The risk of exposing credentials in Git repositories
04:08 MIN

The risk of exposing credentials in Git repositories

Securing Secrets in the GitOps era

Key takeaways for securing your application pipeline
02:45 MIN

Key takeaways for securing your application pipeline

Securing Your Web Application Pipeline From Intruders

Prevent leaked secrets with push protection and scanning
02:42 MIN

Prevent leaked secrets with push protection and scanning

Real-World Security for Busy Developers

A horror story of hardcoded and shared secrets
07:18 MIN

A horror story of hardcoded and shared secrets

How to Defend Against Data Manipulation Attacks - Bozidar Spirovski & Wekoslav Stefanovski

Understanding the fundamentals of GitHub Secrets
02:13 MIN

Understanding the fundamentals of GitHub Secrets

Best Practices for Using GitHub Secrets

Q&A on GitOps secret management practices
18:28 MIN

Q&A on GitOps secret management practices

Securing secrets in the GitOps Era

Featured Partners

Related Videos

See all videos
Securing Your Web Application Pipeline From Intruders
44:30

Securing Your Web Application Pipeline From Intruders

Milecia McGregor

Walking into the era of Supply Chain Risks
37:36

Walking into the era of Supply Chain Risks

Vandana Verma

DevSecOps: Security in DevOps
33:20

DevSecOps: Security in DevOps

Aarno Aukia

You can’t hack what you can’t see
29:34

You can’t hack what you can’t see

Reto Kaeser

Best Practices for Using GitHub Secrets
36:33

Best Practices for Using GitHub Secrets

Marcel Lupo

Securing secrets in the GitOps Era
58:52

Securing secrets in the GitOps Era

Davide Imola

Real-World Security for Busy Developers
29:50

Real-World Security for Busy Developers

Kevin Lewis

Securing Secrets in the GitOps era
58:57

Securing Secrets in the GitOps era

Alex Soto

Related Articles

View all articles
Daniel Cranney
Dev Digest 214: Claude Is Leaking, GitHub Is Listening & Axios Hacked!
Inside last week’s Dev Digest 214 . 🕵️ Claude source code leaked, analysed and re-written in 2 days 🐙 GitHub auto-opts users into feeding their code to train their AI 🌐 Pretext shows how to show complex text rendering in the browser 🤖 How to securin...
Dev Digest 214: Claude Is Leaking, GitHub Is Listening & Axios Hacked!
Chris Heilmann
Dev Digest 138 - Are you secure about this?
Hello there! This is the 2nd "out of the can" edition of 3 as I am on vacation in Greece eating lovely things on the beach. So, fewer news, but lots of great resources. Many around the topic of security. Enjoy! News and ArticlesGoogle Pixel phones t...
Dev Digest 138 - Are you secure about this?
Daniel Cranney
Dev Digest 194: AI vs. Version Control, Password Louvre & Cursed Webdev
Inside last week’s Dev Digest 194 . 🧠 Learn how to become an AI-native software engineer 🤷‍♂️ How can you stand out when anyone can build anything? 👂 Whisper Leak allows listening to encrypted chats 🐝 What’s new the OWASP2025 Top Ten List 🙅‍♀️ Curse...
Dev Digest 194: AI vs. Version Control, Password Louvre & Cursed Webdev

From learning to earning

Jobs that call for the skills explored in this talk.