Cybersecurity - Chronicles of Technology

Cybersecurity

A collection of 2 posts

Setting up TruffleHog for repo security scans

Setting up TruffleHog for repo security scans

There are a lot of code repository scanners out there, but I recently used TruffleHog to scan our GitHub repos due to its simplicity in setup and execution. TruffleHog is an open-source security tool that scans code repositories for hardcoded secrets, such as API keys, passwords, and private encryption keys.

Principles of SecDevOps

Principles of SecDevOps

DevOps is a methodology first introduced in 2007 and focuses on collaboration between development and operations teams to streamline software delivery. DevSecOps later came into the picture around the 2010 timeframe and extends this approach by integrating security practices into the DevOps workflow. DevOps addresses security concerns later in the