Eliminating hardcoded AWS secrets and database passwords from the codebase and its Git history to reduce security exposure.
Proofminder is a fast-growing AI startup in the agriculture domain. They help growers with cutting-edge technologies to grow better food with confidence and meet production goals sustainably.
The company's leadership recognized that building a sustainable startup requires making decisions with lasting consequences. They had to respond and adjust to shifts in their market. As a result, their codebase began to include hardcoded AWS secret keys, database passwords, and various other sensitive information.
If these credentials were stolen, they could be misused to access AWS cloud resources, the database, and more.
Using our proprietary tools, we thoroughly scanned their entire codebase, including their Git history, for credentials such as AWS keys, passwords, and API keys. This, however, was just the initial phase.
Once we compiled a list of credentials present in the codebase (or its history), we verified each one to determine if it was still valid.
At the end of the secret scanning process, we provided the client with a detailed report outlining our findings and identifying which secrets required immediate attention. There are two ways to handle secrets in a Git codebase: either rotating the secrets to invalidate them or rewriting the Git history.
As always, our recommendation is specific to the client's culture, teams, and processes. In this case, we opted for rotating the secrets.
Although the process is still ongoing, most of the secrets have been rotated and addressed. This effort has significantly improved the security of the codebase, ensuring that sensitive credentials are no longer exposed in plain text. Now, even if someone gains access to the codebase, there will be nothing valuable to steal.
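The history-aware scan described above can be sketched as follows. This is an added example, not the proprietary tooling used in the engagement; the two regex patterns, the constructed `git log -p --reverse` sample, and the `scan_history` helper are assumptions made for illustration. It shows why a secret deleted in a later commit still needs rotation: it remains readable in history.

```python
import re

# Constructed sample of `git log -p --reverse` output (oldest commit first).
# The key is AWS's documentation example value; the password is made up.
SAMPLE_LOG = """\
commit 1111111111111111111111111111111111111111
--- /dev/null
+++ b/config.py
+AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
+DB_PASSWORD = "s3cr3t-constructed"
commit 2222222222222222222222222222222222222222
--- a/config.py
+++ b/config.py
-AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
+AWS_ACCESS_KEY_ID = os.environ["AWS_ACCESS_KEY_ID"]
"""

# Illustrative patterns only; a real scanner carries many more.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\b((?:AKIA|ASIA)[A-Z0-9]{16})\b"),
    "password_literal": re.compile(r'(?i)pass\w*\s*[=:]\s*["\']([^"\']{6,})["\']'),
}

def scan_history(log_text):
    """Return one finding per distinct secret seen in added or removed lines."""
    findings, commit, path = {}, None, None
    for line in log_text.splitlines():
        if line.startswith("commit "):
            commit = line.split()[1][:7]
        elif line.startswith("+++ "):
            path = line[4:].removeprefix("b/")
        elif line.startswith("--- "):
            continue  # old-file header, not a removed line
        elif line[:1] in ("+", "-") and commit:
            for kind, rx in PATTERNS.items():
                for m in rx.finditer(line[1:]):
                    value = m.group(1)
                    f = findings.setdefault((kind, value), {
                        "kind": kind, "path": path, "introduced": commit,
                        "redacted": value[:4] + "***", "still_in_tree": False})
                    # Last diff line touching the value decides (approximation).
                    f["still_in_tree"] = line[0] == "+"
    return list(findings.values())

if __name__ == "__main__":
    for finding in scan_history(SAMPLE_LOG):
        print(finding)
```

Against a real repository, feed it the output of `git log -p --reverse --all`; findings with `still_in_tree` set to `False` are the ones a scan of the current checkout alone would miss.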