xGitGuard is a tool built by Comcast to keep inadvertently uploaded authentication secrets out of GitHub repositories, and it is now available as open-source software.
It can be used to scan GitHub at scale and identify proprietary authentication secrets, particularly passwords, API keys, and tokens. Development teams can use xGitGuard to identify credentials in their own repositories.
xGitGuard uses advanced natural language processing to detect authentication secrets and has one mode for detecting credentials and another for detecting API tokens and keys. The tool follows a six-step process: search GitHub at scale, filter results, detect and extract secrets, identify the developer, validate secrets, and then submit for remediation.
Search: xGitGuard uses primary keywords to search for documents that are related to the organization, and secondary keys to target documents that potentially contain secrets.
Filter Results is a query engine within the project that runs multiple queries concurrently to cover the scale of GitHub more quickly.
The detect and extract secrets functionality is the project's core AI model, which processes the filtered results for secrets.
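An added sketch of the search and detect steps described above, not xGitGuard's own code: primary and secondary keywords are paired into search queries, and constructed result lines are screened with a Shannon-entropy heuristic standing in for the project's NLP model. The keyword values, function names, threshold, and sample lines are all assumptions.

```python
import math
import re
from itertools import product

# Assumed keyword sets (constructed): primary terms tie a file to the
# organization, secondary terms suggest the file may hold a credential.
PRIMARY = ["example-corp.internal", "examplecorp"]
SECONDARY = ["password", "api_key", "token"]

def build_queries(primary, secondary):
    """Pair every primary keyword with every secondary keyword."""
    return [f'"{p}" {s}' for p, s in product(primary, secondary)]

def shannon_entropy(value):
    """Bits per character; random keys score higher than words."""
    counts = {c: value.count(c) for c in set(value)}
    return -sum(n / len(value) * math.log2(n / len(value)) for n in counts.values())

# key = value or key: value assignments whose key name holds a secondary keyword
ASSIGNMENT = re.compile(
    r'(?i)\b(\w*(?:password|api_key|token)\w*)\s*[:=]\s*["\']?([^\s"\']{8,})')

def detect_candidates(lines, min_entropy=3.5):
    """Return (key, value) pairs whose value is random enough to be a real secret."""
    found = []
    for line in lines:
        for key, value in ASSIGNMENT.findall(line):
            # Entropy heuristic (assumption): drops placeholders and code references.
            if shannon_entropy(value) >= min_entropy:
                found.append((key, value))
    return found

# Constructed sample lines, as a filtered search result might contain.
SAMPLE = [
    'db_password = "changeme123"',          # weak placeholder, low entropy
    'API_KEY: "q9Xv2LmT7pRz4KbW8sYd"',      # constructed random-looking key
    'token = os.environ["SERVICE_TOKEN"]',  # read from environment, not hardcoded
    'auth_token=aaaaaaaaaaaaaaaa',          # filler value, zero entropy
]

if __name__ == "__main__":
    for query in build_queries(PRIMARY, SECONDARY):
        print(query)
    print(detect_candidates(SAMPLE))
```

The entropy threshold trades false positives against misses: a weak but real password such as the first sample line is skipped here, which is one reason a validation step follows detection in the process above.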
The tool also includes other functionalities such as 'developer identification', 'validate secrets', and 'submit for remediation'.
Additional details about the tool are available here.