https://community.isc2.org/t5/Industry-News/Be-careful-of-how-easy-it-is-to-post-to-GitHub/m-p/20413#M2430 <P>My old school has done some very good work on pointing out how common it is for people to post keys in open source code.&nbsp; I am a fan of Open Source, but everyone needs to understand good practices, and never, NEVER, put credentials in your code, it is too easy to slip up and let them out.</P><P>&nbsp;</P><P><A href="https://www.zdnet.com/article/over-100000-github-repos-have-leaked-api-or-cryptographic-keys/" target="_blank">https://www.zdnet.com/article/over-100000-github-repos-have-leaked-api-or-cryptographic-keys/</A></P> Sun, 24 Mar 2019 10:44:22 GMT mgorman 2019-03-24T10:44:22Z https://community.isc2.org/t5/Industry-News/Be-careful-of-how-easy-it-is-to-post-to-GitHub/m-p/20413#M2430 <P>My old school has done some very good work on pointing out how common it is for people to post keys in open source code.&nbsp; I am a fan of Open Source, but everyone needs to understand good practices, and never, NEVER, put credentials in your code, it is too easy to slip up and let them out.</P><P>&nbsp;</P><P><A href="https://www.zdnet.com/article/over-100000-github-repos-have-leaked-api-or-cryptographic-keys/" target="_blank">https://www.zdnet.com/article/over-100000-github-repos-have-leaked-api-or-cryptographic-keys/</A></P> Sun, 24 Mar 2019 10:44:22 GMT https://community.isc2.org/t5/Industry-News/Be-careful-of-how-easy-it-is-to-post-to-GitHub/m-p/20413#M2430 mgorman 2019-03-24T10:44:22Z