/plushcap/analysis/datadog/detecting-leaked-credentials

How we detect and notify users about leaked Datadog credentials

What's this blog post about?

Datadog has partnered with GitHub and GitGuardian to protect its customers' accounts from the risk of leaked credentials, which can lead to data breaches and account takeovers. The company identifies potential leaks by scanning public repositories for keys in various locations such as configuration files, documentation, scripts, and more. Once a key is detected, Datadog notifies users via email or in-app notification on the API key management page. To mitigate the impact of leaked credentials, customers should revoke the compromised key immediately and monitor their account for suspicious activity. Additionally, implementing best practices such as defining scopes for application keys, using service accounts to manage them, regularly reviewing and revoking unused API keys, and creating multiple API keys for different purposes can help prevent future leaks.

Company
Datadog

Date published
Dec. 18, 2023

Author(s)
Jules Denardou

Word count
1722

Language
English

Hacker News points
None found.


By Matt Makai. 2021-2024.