Comment by darnthenuggets
4 days ago
Both of these attacks have used trufflehog. Is there an out of the box way to block that executable by name or signature?
4 days ago
Both of these attacks have used trufflehog. Is there an out of the box way to block that executable by name or signature?
I'd say an alternative question is "how can we stop storing secrets in source control" so then tools like Trufflehog can't find them :)