Securing the codebase of an Agro AI startup

Eliminating hardcoded AWS secrets and database passwords from the codebase and its Git history to reduce security exposure.

Agriculture
Tech
AI
Python
Angular
AWS

About the company

Proofminder is a fast-growing AI startup in the agriculture domain. They help growers with cutting-edge technologies to grow better food with confidence and meet production goals sustainably.

The Challenge

The company's leadership recognized that building a sustainable startup requires making decisions with lasting consequences. They had to respond and adjust to shifts in their market. As a result, their codebase began to include hardcoded AWS secret keys, database passwords, and various other sensitive information.

If these credentials were stolen, they could be misused to access AWS cloud resources, the database, and more.

Solution


Using our proprietary tools, we thoroughly scanned their entire codebase, including their Git history, for credentials such as AWS keys, passwords, and API keys. This, however, was just the initial phase.

Once we compiled a list of credentials present in the codebase (or its history), we verified each one to determine if it was still valid.

At the end of the secret scanning process, we provided the client with a detailed report outlining our findings and identifying which secrets required immediate attention. There are two ways to handle secrets in a Git codebase: either rotating the secrets to invalidate them or rewriting the Git history.

As always, our recommendation is specific to the client's culture, teams, and processes. In this case, we opted for rotating the secrets.
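
Why the Git history has to be scanned along with the current files, shown as an added example (not the proprietary tooling described above): a minimal Python scanner over `git log -p --reverse` output that reports whether each secret is still in the latest code or survives only in history. The regex patterns, the `scan_history` helper and the sample log are assumptions constructed for illustration.

```python
import re

# Illustrative patterns (assumptions), not the rule set of any specific tool.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\b((?:AKIA|ASIA)[0-9A-Z]{16})\b"),
    "password": re.compile(
        r"(?i)\b\w*(?:password|passwd|secret)\w*\s*[:=]\s*[\"']([^\"']{6,})[\"']"),
}

# Constructed sample shaped like `git log -p --reverse` output (oldest first).
# The key is the example ID from AWS documentation, not a live credential.
SAMPLE_LOG = """\
commit 1111111
--- /dev/null
+++ b/config.py
@@ -0,0 +1,2 @@
+AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
+DB_PASSWORD = "constructed-sample-pw"
commit 2222222
--- a/config.py
+++ b/config.py
@@ -1,2 +1,2 @@
-AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
+AWS_ACCESS_KEY_ID = os.environ["AWS_ACCESS_KEY_ID"]
 DB_PASSWORD = "constructed-sample-pw"
"""

def scan_history(log_text):
    """Map each secret to its kind, file, first commit and HEAD presence."""
    findings, commit, path = {}, None, None
    for line in log_text.splitlines():
        if line.startswith("commit "):
            commit = line.split()[1]
        elif line.startswith("+++ "):
            path = line[4:].removeprefix("b/")
        elif line.startswith("--- "):
            continue  # old-file header, not a removed line
        elif line[:1] in ("+", "-"):
            for kind, rx in PATTERNS.items():
                for m in rx.finditer(line[1:]):
                    entry = findings.setdefault(m.group(1), {
                        "kind": kind, "file": path, "first_commit": commit})
                    # Simplification: the last add/remove seen decides presence.
                    entry["in_head"] = line[0] == "+"
    return findings

if __name__ == "__main__":
    for info in scan_history(SAMPLE_LOG).values():  # never print the secret itself
        where = "still in HEAD" if info["in_head"] else "history only"
        print(f"{info['kind']:18} {info['file']} since {info['first_commit']} ({where})")
```

The AWS key in the sample was removed in the second commit yet is still reported, which is why a secret deleted from the current code still has to be rotated or rewritten out of history.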

"They cut our AWS cost in half within two weeks. Best ROI ever. And without Docktape we couldn't have built our multi-cloud solution with AWS and GCP this quick. Awesome job."
Levente Simon
CEO @ Proofminder

Results

Although the process is still ongoing, most of the secrets have been rotated and addressed. This effort has significantly improved the security of the codebase, ensuring that sensitive credentials are no longer exposed in plain text. Now, even if someone gains access to the codebase, there will be nothing valuable to steal.
