All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

How GitHub eliminated 20,000+ secret scanning alerts across 15,000 repositories in nine months

By

Michael Recachinas

1d ago· 10 min readenInsight

Summary

GitHub Security launched a secret scanning initiative across its 15,000+ repositories, uncovering over 20,000 exposed secrets (API keys, tokens, credentials). The challenge was separating real risks from noise, assigning ownership, and building safe remediation workflows. After nine months of systematic effort, the team successfully reduced open alerts to zero, demonstrating a scalable approach to secrets hygiene that GitHub now offers to customers.

Source

bskyHow GitHub eliminated 20,000+ secret scanning alerts across 15,000 repositories in nine monthsgithub.blog

Key quotes

· 3 pulled
The number was significantly higher than we anticipated, but it quickly became clear that success would depend on identifying which alerts represented real risk, assigning ownership, and remediating them safely.
Nine months later, we reached zero open alerts.
Several years ago, GitHub Security launched an initiative to assess and improve our overall secrets hygiene.
Snippet from the RSS feed
GitHub had 20,000+ secret scanning alerts across 15,000 repositories. Here's how we separated signal from noise and built remediation workflows.

You might also wanna read

Comments

Sign in to join the conversation.

No comments yet. Be the first.