How we detect and notify users about leaked Datadog credentials
Datadog has partnered with GitHub and GitGuardian to protect its customers' accounts from the risk of leaked credentials, which can lead to data breaches and account takeovers. The company identifies potential leaks by scanning public repositories for keys in various locations such as configuration files, documentation, scripts, and more. Once a key is detected, Datadog notifies users via email or in-app notification on the API key management page. To mitigate the impact of leaked credentials, customers should revoke the compromised key immediately and monitor their account for suspicious activity. Additionally, implementing best practices such as defining scopes for application keys, using service accounts to manage them, regularly reviewing and revoking unused API keys, and creating multiple API keys for different purposes can help prevent future leaks.
Company
Datadog
Date published
Dec. 18, 2023
Author(s)
Jules Denardou
Word count
1722
Hacker News points
None found.
Language
English