Risk-based Secret Detection
Research Contributions:
-
Understanding of the developer motivation and decision making related to checking in secrets.
-
SecretBench, a benchmark of secret-containing files that can be used to compare secret detection tools.
-
Improved static analysis tools for detecting checked-in secrets.
-
A risk-based tool for prioritizing the eradication of already checked-in secrets.
