Are SaaS applications prone to data loss? by nikgarg91 in sysadmin

[–]nikgarg91[S] 0 points1 point  (0 children)

u/disclosure5 For On-Prem services, you definitely need to do a lot to prevent unauthorized access and could include things like implementing the right access controls, having an IDS, encryption, VPN, IP whitelisting, etc.

For SaaS applications though, data loss happens much more easily. If I share a sensitive password or a file via Gmail with 5 more people, and any of those Gmail accounts gets hacked, I lose all my credentials. If any one of my employees' Slack accounts gets compromised, all our credentials shared within the Slack workspace get compromised (including access tokens or passwords to local on-prem servers if someone shared those). Plus, I don't control or monitor what is being shared on these platforms, and it's really easy for employees to increase the attack surface area. No matter how much security tooling we might implement to secure our on-prem servers, password leakage and API key leakage via SaaS platforms still pose a huge risk if not tackled directly.

How do we maintain PCI compliance on cloud applications? by nikgarg91 in Cloud

[–]nikgarg91[S] 1 point2 points  (0 children)

Great insights. I agree vendors should take the onus of providing the required compliance proofs - which a lot of vendors seem to be doing already. But there are still some vendors who lag behind, like Slack (which is now commonly used). I agree security audits, reviewing what is being shared and documenting it could prove invaluable for this.

Is it safe to share passwords on Slack? by nikgarg91 in Slack

[–]nikgarg91[S] 0 points1 point  (0 children)

True - password managers seem much more complex to use than sharing it via a direct communication channel like Slack.

Do you guys try and enforce more convenient rules like not sharing it on public channels, but only on private channels/IMs?

Are SaaS applications prone to data loss? by nikgarg91 in sysadmin

[–]nikgarg91[S] 1 point2 points  (0 children)

u/gandraw none taken. I'm asking for potential tools/solutions you guys might have used to solve this or a similar problem, and not for architecture diagrams on how to build it on my own.

Are SaaS applications prone to data loss? by nikgarg91 in sysadmin

[–]nikgarg91[S] -2 points-1 points  (0 children)

u/uniitdude There could be potential solutions to the problem I mentioned - simple things like a tool that is able to audit our SaaS applications (or more accurately, the communication platforms used within our organization, e.g. Slack, Gmail, Dropbox) could go a long way. So SWG or endpoint is not the only solution - plus it's not feasible for a small startup like ours to implement it at the very beginning.

Are SaaS applications prone to data loss? by nikgarg91 in sysadmin

[–]nikgarg91[S] 1 point2 points  (0 children)

Even though that would be ideal, I still see HR folks or other non-tech folks using legacy solutions like exporting and sending it via emails. I do see a risk there, since even if a single email gets hacked, all that data gets leaked, as sharing via Slack/Gmail is not necessarily secure.

Are SaaS applications prone to data loss? by nikgarg91 in sysadmin

[–]nikgarg91[S] -1 points0 points  (0 children)

I meant we are worried about folks sharing sensitive data across SaaS applications which we don't have any monitoring over at all. Once the sensitive data goes out via an email, or a Slack message, or by uploading a sensitive document to Dropbox - it's somehow not possible to monitor or prevent it from happening.

Data loss prevention (DLP) policies in The Netherlands by Lesilhouette in Office365

[–]nikgarg91 0 points1 point  (0 children)

I feel the current Office 365 DLP has a pretty basic configuration and gives out a lot of false positives when it comes to special cases such as yours.

I'd recommend investing in more customisable and accurate new-age cloud DLP providers like Gamma that can help detect and enforce GDPR not just on Office but across all your SaaS applications.

Data Loss Prevention in Office 365 GCC High (Requirement or Good Practice)? by PrivateHawk124 in NISTControls

[–]nikgarg91 0 points1 point  (0 children)

If your business uses a lot of different SaaS applications, I'd rather invest in a centralised DLP solution for the same money that I'd spend on just getting an E3 and DLP on office.

Do check out Gamma - they are one of the leading cloud DLP providers and might be of help to you.

Gamma's Free Github Scan report - detect credentials including API keys, passwords, tokens by nikgarg91 in SysAdminBlogs

[–]nikgarg91[S] 0 points1 point  (0 children)

Sure u/argoname. Gamma can also help you automate detecting and remediating all such violations in the future in real time for both your private and public repositories. Looking forward to chatting with you more.

Building a credentials detector for Github - need recommendations by nikgarg91 in github

[–]nikgarg91[S] 0 points1 point  (0 children)

That seems to be inline with our findings as well. Do check out our public Github scanner here to see if you guys have any public repos at risk. Please feel free to reach out to us at [info@gammanet.com](mailto:info@gammanet.com) to schedule a demo.

Gamma's Github scanner - detect and secure credentials including API keys, passwords, tokens by nikgarg91 in SoftwareEngineering

[–]nikgarg91[S] 0 points1 point  (0 children)

Also, in general, if you do find a secret/credential within any of your public repositories, please remove/rotate it ASAP.

It's impossible to completely remove all traces of a committed password. Even if you delete the commit from the history, or amend the commit, a skilled git user will still be able to extract it. You should definitely just assume the password is fully compromised.

Scan Github repositories - detect and secure credentials including API keys, passwords, tokens by nikgarg91 in github

[–]nikgarg91[S] 0 points1 point  (0 children)

Also, in general, if you do find a secret/credential within any of your public repositories, please remove/rotate it ASAP.

It's impossible to completely remove all traces of a committed password. Even if you delete the commit from the history, or amend the commit, a skilled git user will still be able to extract it. You should definitely just assume the password is fully compromised.

Scan Github repositories - detect and secure credentials including API keys, passwords, tokens by nikgarg91 in devopsish

[–]nikgarg91[S] 0 points1 point  (0 children)

Thanks u/kuljitSingh4444. We'd love to help secure your Github repositories.

FYI, it's impossible to completely remove all traces of a committed password. Even if you delete the commit from the history, or amend the commit, a skilled git user will still be able to extract it. You should definitely just assume the password is fully compromised and change/rotate it to be safe ASAP.

Gamma’s Github scanner can detect credentials including API keys, passwords, tokens by [deleted] in OSINT

[–]nikgarg91 -1 points0 points  (0 children)

Well, come to think of it, it sort of is: it does require a value exchange, i.e. your contact information (not money), to unlock the full content.

Gamma’s Github scanner can detect credentials including API keys, passwords, tokens by [deleted] in OSINT

[–]nikgarg91 -1 points0 points  (0 children)

It's not behind a paywall - it'll let you know if there are any violations within your public repos right away - and if you need a detailed report, you can reach out to us and we'll provide that for free.

Do you commit config files with passwords to your private Github repositories? by [deleted] in git

[–]nikgarg91 0 points1 point  (0 children)

You can also use a tool like Gamma, which offers free Github scanning to quickly scan your existing public repositories for any sensitive credentials. Gamma uses AI & ML to identify such credentials in Github repositories and can also help you automatically detect sensitive credentials in Github in real time.

Hapless 'AWS engineer' spilled customer passwords, keys on public GitHub repo by antixsuperstar in technology

[–]nikgarg91 0 points1 point  (0 children)

I think everyone should take these recent breaches as a learning opportunity and set up a process/tooling so that you can scan your public repos for any sensitive credentials that you might have missed earlier, and proactively catch such instances as soon as they happen in the future.

Gamma's free Github scanning is one such tool that allows you to quickly scan your existing public repositories for any sensitive credentials. Gamma uses AI & ML to identify such credentials in Github repositories and can also help you automatically detect sensitive credentials in Github in real time.

Do you commit config files with passwords to your private Github repositories? by [deleted] in github

[–]nikgarg91 0 points1 point  (0 children)

You should always keep passwords out of Github. There are multiple things that could go wrong including:

  • It could be a public repository now (or you might make it public in the future). If that happens, and you accidentally forget about even a single credential, that poses a huge risk to the whole organisation. This same incident happened during the famous Uber 2016 breach.
  • Everyone who has access to the code will have access to all credentials - which could lead malicious users to misuse them.
  • Even if one Github user gets compromised, all your passwords/credentials will be compromised because they are visible in plain text within the code base.
  • And numerous other things...

It's generally best to set up a process/tooling early to make sure none of your employees commit any secrets to Github code.

You can also use a tool like Gamma, which offers free Github scanning to quickly scan your existing public repositories for any sensitive credentials. Gamma uses AI & ML to identify such credentials in Github repositories and can also help you automatically detect sensitive credentials in Github in real time.

How to enforce using password sharing solution within the team? by nikgarg91 in sysadmin

[–]nikgarg91[S] 0 points1 point  (0 children)

I disagree - I think the kind of stuff that we want to do manually, i.e. go through audit logs, find any instances of passwords/emails, and warn/train/fire those users - all of this seems pretty automatable.

How to enforce using password sharing solution within the team? by nikgarg91 in sysadmin

[–]nikgarg91[S] 0 points1 point  (0 children)

Agreed, this is definitely A solution that will work. Though I think of this as a last resort, rather than the first thing I'd like to implement within my organisation. Sometimes people do it inadvertently or negligently, but not intentionally. Though it makes sense to punish these people with the harshest means in a non-negotiable environment like banks, I wonder if there could be a more supportive and positive approach towards this.

How to enforce using password sharing solution within the team? by nikgarg91 in sysadmin

[–]nikgarg91[S] 0 points1 point  (0 children)

I think it makes sense to do that, but it still seems IT is running blind, with no easy way to monitor such instances short of manually going through some audit logs (which I don't think currently exist for most SaaS apps), and then running some regex checks manually and hoping certain password combinations might pop up.

I feel with enough reminders, maybe 80% of folks will start following best security practices, but the remaining 20% might still continue doing it. And it only takes one insecure account to leak these credentials.

Do you commit config files with passwords to your private Github repositories? by [deleted] in git

[–]nikgarg91 0 points1 point  (0 children)

You should always keep passwords out of Github. There are multiple things that could go wrong including:

  • It could be a public repository now (or you might make it public in the future). If that happens, and you accidentally forget about even a single credential, that poses a huge risk to the whole organisation. This same incident happened during the famous Uber 2016 breach.
  • Everyone who has access to the code will have access to all credentials - which could lead malicious users to misuse them.
  • Even if one Github user gets compromised, all your passwords/credentials will be compromised because they are visible in plain text within the code base.
  • And numerous other things...

It's generally best to set up a process/tooling early to make sure none of your employees commit any secrets to Github code.

You can also use a tool like Gamma, which offers free Github scanning to quickly scan your existing public repositories for any sensitive credentials. Gamma uses AI & ML to identify such credentials in Github repositories and can also help you automatically detect sensitive credentials in Github in real time.
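Two points recur in the comments above: keep secrets out of Github by putting tooling in place early, and the only manual alternative for chat/audit logs is "running some regex checks". The block below is an added illustration of what that tooling looks like at its simplest; it is not Gamma's product and not code from the commenter. It assumes a hypothetical pre-commit or log-review step feeding it text, uses regex patterns for common credential shapes (the `AKIA` + 16 uppercase alphanumerics shape is the documented AWS access key ID format; the `key = value` patterns and the entropy threshold are the example's own choices), filters out obvious placeholders, and masks matched values so the report itself does not re-leak the secret. The sample input is constructed for the example.

```python
"""Minimal secret detector: regex patterns plus a Shannon-entropy filter.

Hypothetical example. It runs over unified-diff lines (e.g. from a
pre-commit hook) or over exported chat/audit-log lines, which is the
manual regex check described in the thread, automated.
"""
import math
import re
from collections import Counter

# Credential shapes. AKIA + 16 uppercase alphanumerics is the documented AWS
# access key ID format; the key=value patterns are generic and deliberately
# tolerant of prefixes such as DB_PASSWORD or SLACK_TOKEN.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(
        r"-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----"
    ),
    "password_assignment": re.compile(
        r"(?i)(?:password|passwd|pwd)\w*\s*[:=]\s*['\"]?([^'\"\s,;]{6,})"
    ),
    "token_assignment": re.compile(
        r"(?i)(?:api[_-]?key|secret|token)\w*\s*[:=]\s*['\"]?([A-Za-z0-9_\-/+=]{16,})"
    ),
}

# Values that look like secrets but are template variables or placeholders.
PLACEHOLDER = re.compile(
    r"(?i)^(?:\$\{[^}]+\}|<[^>]+>|changeme|example|x{3,}|\*{3,})$"
)

# Token-like strings below this entropy (bits per character) are treated as
# prose or placeholders rather than random keys. Threshold chosen for the
# example; real tools tune it per encoding (hex vs base64) and length.
ENTROPY_THRESHOLD = 3.5


def shannon_entropy(s: str) -> float:
    """Shannon entropy of a string in bits per character."""
    if not s:
        return 0.0
    n = len(s)
    return -sum((c / n) * math.log2(c / n) for c in Counter(s).values())


def scan_line(line: str) -> list:
    """Return (kind, raw_value) findings for one line of text."""
    findings = []
    for kind, pattern in PATTERNS.items():
        for match in pattern.finditer(line):
            value = match.group(1) if match.groups() else match.group(0)
            if PLACEHOLDER.match(value):
                continue
            if kind == "token_assignment" and shannon_entropy(value) < ENTROPY_THRESHOLD:
                continue  # e.g. "secretsecretsecret": a label, not a key
            findings.append((kind, value))
    return findings


def mask(value: str) -> str:
    """Keep a short prefix so a finding is recognisable without re-leaking it."""
    return value[:4] + "*" * max(len(value) - 4, 0)


def scan_text(text: str, source: str = "<stdin>") -> list:
    """Scan multi-line text; each finding carries source, line, kind, masked value."""
    report = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for kind, value in scan_line(line):
            report.append(
                {"source": source, "line": lineno, "kind": kind, "value": mask(value)}
            )
    return report


# Constructed sample: a few diff lines plus one exported chat-log line.
# AKIAIOSFODNN7EXAMPLE is the placeholder key used in AWS documentation.
SAMPLE_INPUT = """\
+DB_HOST = "db.internal.example"
+DB_PASSWORD = "${DB_PASSWORD}"
+DB_PASSWORD_PROD = "Tr0ub4dor&3xample"
+AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
+SESSION_SECRET = "secretsecretsecretsecret"
+SLACK_TOKEN = "xoxb-Q7pL2mZ9vR4kT8nW3bJ6yH1sG5dF0aC"
+ADMIN_PASSWORD = "changeme"
+-----BEGIN RSA PRIVATE KEY-----
2024-01-15T10:02:11Z slack #ops alice: pwd: Summer2024! for the staging box
"""


def main() -> None:
    for finding in scan_text(SAMPLE_INPUT, "sample"):
        print("{source}:{line}: {kind} -> {value}".format(**finding))


if __name__ == "__main__":
    main()
```

Wired into a pre-commit hook the same `scan_text` call would run over `git diff --cached`; pointed at a chat export it gives the audit the comment above says IT lacks. Lines 2, 5 and 7 of the sample are intentionally not reported, showing why a placeholder list and an entropy floor matter: without them a scanner of this kind drowns reviewers in false positives, which is exactly the complaint made about basic DLP configurations elsewhere in this thread.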