We cofounded Truffle Security for this reason.

Everyone's putting all their attention into fixing Javascript CVE's and fixing XSS.

Meanwhile, most of the time you're popped because an AWS key is in the wrong place.

🔒 How many secrets leak on public gists?

Of 37,323 checked, only 11 with secrets! 🤯

🤔Why so few?

👉Find out the unexpected reasons and secure your gists with 🐷 TruffleHog.

trufflesecurity.com/blog/do-secret…

JUST PLUGGING howtorotate.com FOR ANYONE THAT MIGHT NEED IT

Join us for an evening filled with expert security insights and valuable peer networking on 4/23 OWASPBayArea Meetup. Don't miss talks by Dylan, Sam Curry, and Denis Smajlović.

👉 Secure your spot now: meetup.com/bay-area-owasp…

Yeah this blog is cool and all but I prefer it sang in reggae : app.suno.ai/song/a28d0e90-…
Feross

New TruffleHog open-source script 🐷 helps make Docker Build Cloud is here! 🐳🧱☁️ 🐳more secure!

🔍 Scans every Docker image tag & architecture for leaked secrets

👉Get the script for a more comprehensive scan of Docker images: trufflesecurity.com/blog/scan-ever…

The Ballard of Richard Stallman.

AI Music gen tools are out of control.

This is a lawyer who accidentally mashed the Yubikey 2fa button into the DocuSign, and a CEO that signed it into a binding contract.

Sometimes it's fun to do some light hearted, low stakes research.

Hope others enjoy learning about SysRq, like I did!

Are we gate keeping the word 'attack' now?

Lots of people ask how TruffleHog 's verification works, so we wrote about it

Are database table names sensitive?

What's the most sensitive database table name you can think of?

GPT4 is capable of reading and writing base64 without running it through a decoder (something no human is capable of doing) chat.openai.com/share/c6d48ac3…

This is some really really cool research

💁💥 Today we’re unlocking a novel method of detecting AWS canary tokens, completely statically, without setting them off.

This feature is now natively built into TruffleHog, learn more: trufflesecurity.com/blog/canaries

🔒📷So with #Sora here, can CanonUSA Sony @samsungmobile and NikonUSA start making sensors with baked in Hardware Security Modules (HSM's) that cryptographically sign the images they take?