In order to more fully ensure AWS keys can't be inadvertently leaked, add a rule to detect any string that might be an AWS key.
This is a finding from our 3PAO review of caulking
This will generate lots of false positives, so it would be considered a mitigation until we better ensure that only short-lived authenticators are used.
In order to more fully ensure AWS keys can't be inadvertently leaked, add a rule to detect any string that might be an AWS key.
This is a finding from our 3PAO review of
caulking
This will generate lots of false positives, so it would be considered a mitigation until we better ensure that only short-lived authenticators are used.
Security considerations
To update rules, no implications as such
Implementation sketch