Leakage of secrets, such as passwords, API keys, and tokens, poses a significant cybersecurity risk to organizations. Leaked secrets can be used to gain a foothold in an organization’s network and can lead to both persistence and breaches via island hopping and escalation of privileges. Current tools for detecting these secrets are often based on regexes, which produce a large volume of detections, often with a high incidence of false positives.
During this presentation, I will introduce the open-source version of xGitGuard, which is a machine learning-based scanner designed to improve upon regex-based solutions with minimal false positives. I will discuss the functionality of xGitGuard, the features we have released as open-source, and our future plans. Additionally, I will take this opportunity to promote and seek potential collaborators.
Dinesh Prakash, a Senior Technical Manager at Comcast, leads the SPIDER product development team. SPIDER has successfully built seven next-generation security and privacy products for enterprises. Dinesh’s expertise lies in designing scalable products, technical management, and people leadership. His technical skill set includes architecture design, functional programming, embedded programming, REST, DevOps, and data engineering using Spark and MLOps.
As part of their portfolio, Dinesh’s team developed an AI-based code scanner called xGitGuard. This tool is specifically designed for secret detection within codebases. It effectively filters out noise and identifies high-fidelity secrets, addressing the trending issue of secret exposure in software development. During the session, Dinesh will delve into a detailed exploration of xGitGuard.