While going through other HN threads, I noticed many participants in the discussions recommend that organizations noticing suspicious repo cloning activity start scanning source code for credentials. This is great advice to limit the damage.<p>But where do you start when you find thousands of secrets exposed?
The other day I wrote a guide to help security and engineering teams prioritize and remediate thousands of such incidents. Hope it helps!<p><a href="https://blog.gitguardian.com/a-practical-guide-to-prioritize-and-remediate-thousands-of-secrets-leaks-incidents" rel="nofollow">https://blog.gitguardian.com/a-practical-guide-to-prioritize...</a>