Both of these attacks have used trufflehog. Is there an out of the box way to block that executable by name or signature?
I'd say an alternative question is "how can we stop storing secrets in source control" so then tools like Trufflehog can't find them :)
alt Hacker News
I'd say an alternative question is "how can we stop storing secrets in source control" so then tools like Trufflehog can't find them :)