October 2024 Meetup¶
Marcelo talked about finding secrets in your code using n0s1
!
Open-source Data Loss Prevention tool: n0s1¶
Are you monitoring your code base for leaked secrets? What about your project management and ticketing systems?
While most of us use secret scanners for source code, the SDLC begins before coding. Leaks may already be present in project management platforms like Jira, Confluence, and Asana.
n0s1
(github.com/spark1security) is an open-source secret scanner designed for Data Loss Prevention during the early SDLC stages. It integrates with existing CI security scanners and supports GitHub Actions, GitLab CI, and Docker.
Marcelo Sacchetin has been helping software developers over a decade to write secure code across multiple start-ups and Fortune 500 companies. He mainly focuses on building automation for SDL and empowering developers to master cybersecurity.
When he is not preventing secret leaks with n0s1 (pronunciation nosy), he can also be found having fun with car hacking, anti-virus evasion or building Python coding bots with his kids.
He founded spark1.us with the mission of helping companies to build secure software by leveraging open-source and automation.