{"version":"1.0","provider_name":"HITBSecConf2024 - Bangkok","provider_url":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk","title":"Secret Scanning in Open Source at Scale (in-depth)","type":"rich","width":600,"height":338,"html":"<blockquote class=\"wp-embedded-content\" data-secret=\"uAAaVo23Cl\"><a href=\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/session\/secret-scanning-in-open-source-at-scale\/\">Secret Scanning in Open Source at Scale (in-depth)<\/a><\/blockquote><iframe sandbox=\"allow-scripts\" security=\"restricted\" src=\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/session\/secret-scanning-in-open-source-at-scale\/embed\/#?secret=uAAaVo23Cl\" width=\"600\" height=\"338\" title=\"&#8220;Secret Scanning in Open Source at Scale (in-depth)&#8221; &#8212; HITBSecConf2024 - Bangkok\" data-secret=\"uAAaVo23Cl\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" class=\"wp-embedded-content\"><\/iframe><script>\n\/*! This file is auto-generated *\/\n!function(d,l){\"use strict\";l.querySelector&&d.addEventListener&&\"undefined\"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!\/[^a-zA-Z0-9]\/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret=\"'+t.secret+'\"]'),o=l.querySelectorAll('blockquote[data-secret=\"'+t.secret+'\"]'),c=new RegExp(\"^https?:$\",\"i\"),i=0;i<o.length;i++)o[i].style.display=\"none\";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(\"style\"),\"height\"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):\"link\"===t.message&&(r=new URL(s.getAttribute(\"src\")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(\"message\",d.wp.receiveEmbedMessage,!1),l.addEventListener(\"DOMContentLoaded\",function(){for(var e,t,s=l.querySelectorAll(\"iframe.wp-embedded-content\"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(\"data-secret\"))||(t=Math.random().toString(36).substring(2,12),e.src+=\"#?secret=\"+t,e.setAttribute(\"data-secret\",t)),e.contentWindow.postMessage({message:\"ready\",secret:t},\"*\")},!1)))}(window,document);\n<\/script>\n","description":"In this in-house research, we have conducted research on publicly available open-source assets like (JS packages), WordPress Plugins, and Ruby Gems to find out the presence of mistakenly or deliberately publicly exposed secrets (including private API keys and so on) i.e. AWS, Google, etc. (33 different types!)","thumbnail_url":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/wp-content\/uploads\/sites\/22\/2024\/06\/hassan.png","thumbnail_width":300,"thumbnail_height":300}