Open Source Canary Tokens Help Detect Software Breaches

GitGuardian has launched ggcanary, a new “open source canary tokens project to help organizations detect compromised developer and DevOps environments,” reports Michael Hill.

“Canary tokens can be created and deployed in your code repositories, CI/CD pipelines, project management and ticketing systems like Jira or even instant messaging tools like Slack,” states the project’s GitHub page. “When triggered, canary tokens can help alert you of an intrusion in your developer environments.”

“Security teams can use ggcanary to create and deploy canary tokens in the form of Amazon Web Services (AWS) secrets that will trigger alerts as soon as they are tampered with,” the announcement says.

Read more at CSO Online.

Comments