Consuming secrets is a cornerstone of connectivity between applications and infrastructure. Whether they are cloud identity-based secrets such as IAM role keys from AWS or FTP access credentials, secrets like these are often discovered by malicious users.
The usual culprit is a public space, such as a public repository on GitHub. While it’s easy to think “that will never happen to us”, it only takes one misplaced key pushed to the wrong repository for your entire infrastructure, application, and databases to be compromised and exposed.
You may think you are safe, that everyone on your team is smart and responsible and works with a security-first approach in mind, but accidents in code and commits can happen. This is where secret scanning comes in as a preventative solution.