Explore a critical security vulnerability in modern version control systems through this 27-minute conference talk that reveals how dangling commits across GitHub, GitLab, and Bitbucket expose sensitive information at an alarming scale. Discover systematic techniques for identifying and enumerating orphaned commits that persist in repository history even after developers believe they've removed sensitive data through resets, modifications, or deletions. Learn about the engineering methodology behind large-scale analysis of Git platforms that uncovered widespread exposure of API keys, credentials, and proprietary configurations hidden within these repository remnants. Understand the challenges encountered during at-scale vulnerability research and gain insights into the technical approaches used to systematically extract sensitive information from dangling commits across major development platforms. Master practical solutions and repository hygiene best practices to prevent such exposures, ensuring comprehensive security coverage for both visible code and hidden repository remnants that pose silent but significant risks to organizational security.