Nightfall AI Research Finds 35% of Exposed API Keys Are Still Active and Vulnerable to Exploit
06 August 2024 - 8:05AM
Nightfall AI, the leading enterprise data leak prevention (DLP)
platform for SaaS, generative AI (GenAI), email and endpoints,
today published findings from its annual State of Secrets Report.
This research revealed that secrets like passwords and API keys
were most often found in GitHub, with nearly 350 total secrets
exposed per 100 employees every year. What’s more concerning is
that 35% of all API keys discovered were still active — posing a
major risk for privilege escalation attacks, data leaks, data
breaches and more. Many of the secrets discovered had already been
exposed for several months.
Companies that have embraced modern cloud, SaaS and GenAI
environments have only just begun to uncover the hidden risks of
secret sprawl, which occurs when sensitive information like API
keys or passwords spreads to apps, files and messages where it
doesn’t belong. From within apps like Slack, GitHub, Jira and Google
Drive, threat actors can easily find and leverage company secrets
to compromise organizations to a devastating degree, as we’ve seen
in numerous high-profile incidents at major brands, such as The New
York Times and Sisense. Nightfall’s research aimed to bring this
challenge to light and help companies understand where their
secrets are sprawled—as well as how they can clean up their tech
stack.
In its research, Nightfall scanned hundreds of terabytes of data
looking for sensitive secrets — passwords, API keys, database
connection strings and cryptographic keys — shared across cloud
systems and applications over the past year, and found more than
171,000 secrets exposed across SaaS apps, GenAI tools, email and
endpoints. While GitHub had the highest volume of secret sprawl,
54% of exposed secrets were found in other developer and
productivity apps, including Confluence (134 per 100 employees),
Zendesk (110), Slack (64) and Google Drive (34). This is notable
because gaining visibility into sensitive data across a multitude
of different SaaS platforms is a significant challenge for
companies.
In its research summary, Nightfall breaks its findings down with
a focus on passwords and API keys. Here are a few of the
findings:
Passwords were the most commonly exposed
secrets.
- 59% of the secrets discovered were passwords
- 8 passwords were discovered per 100 employees per week
- Passwords were most commonly found in GitHub (54%), Confluence
(23%), Zendesk (15%) and Slack (8%)
API Keys were found across many popular SaaS and
development platforms.
- 39% of the secrets discovered were API keys
- API keys were most commonly found in GitHub (71%), Slack
(6.6%), Google Drive (6.6%) and Jira (6.6%)
- 7 API keys were discovered per 100 employees per week
- The most risky types of API keys commonly discovered were JSON
web tokens, and API keys for Slack, AWS, GitHub, Gitlab, Google
Cloud and Azure
“Secret sprawl is a pervasive and ever-present problem that
companies must address now,” said Rohan Sathe, co-founder and CTO,
Nightfall. “Fortunately, it is easily preventable. It’s important
for security teams to know what secrets are being shared and where
they’re being shared in order to take action and minimize secret
exposure.”
Combatting Secret Sprawl
Continuous monitoring and automated remediation can dramatically
reduce the time it takes to identify and mitigate risk associated
with secret sprawl.
Nightfall also recommends that companies implement end-to-end
encryption, use password managers and rotate API keys regularly to
stave off data leaks and breaches. Nightfall also highlights the
importance of educating employees about the safest ways to share
secrets, and enforcing those teachings throughout the year as
opposed to with annual security training alone.
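The continuous-monitoring step above is, at its core, a scan of shared content for credential-shaped strings followed by a redacted alert that a security team can act on. The example below is an added illustration written for this page, not Nightfall's detector or any code from the report: it matches the credential formats the findings name (AWS, GitHub, Slack, Google Cloud keys, JSON web tokens and PEM private keys) using simplified, assumed regexes, runs them over constructed sample messages from the kinds of apps the report lists, and emits findings with the secret masked so the alert itself does not re-leak the value. The sample values (including AWS's documented placeholder key ID) are constructed for the demonstration.

```python
import re
from typing import Dict, List

# Illustrative patterns for the credential types named in the findings.
# These are assumptions for this example, not Nightfall's detectors; a
# production scanner adds many more formats plus entropy and live-check logic.
SECRET_PATTERNS = {
    # AWS access key ID: "AKIA" followed by 16 uppercase alphanumerics
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    # GitHub classic personal access token: "ghp_" + 36 alphanumerics
    "github_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    # Slack bot/user/app tokens: xoxb-, xoxp-, xoxa-, xoxr-, xoxs- prefixes
    "slack_token": re.compile(r"\bxox[abprs]-[A-Za-z0-9-]{10,}\b"),
    # Google Cloud API key: "AIza" + 35 URL-safe characters
    "google_api_key": re.compile(r"\bAIza[0-9A-Za-z_\-]{35}\b"),
    # JSON Web Token: three base64url segments, header always begins "eyJ"
    "jwt": re.compile(r"\beyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\b"),
    # PEM private key header (the body follows, but the header is enough to flag)
    "private_key": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
}


def redact(value: str, keep: int = 4) -> str:
    """Keep a short prefix for triage and mask the rest, so the finding
    can be shared with the secret's owner without re-exposing it."""
    if len(value) <= keep:
        return "*" * len(value)
    return value[:keep] + "*" * (len(value) - keep)


def scan_text(source: str, text: str) -> List[Dict[str, object]]:
    """Scan one blob (a message, page or file) and return redacted findings."""
    findings: List[Dict[str, object]] = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for kind, pattern in SECRET_PATTERNS.items():
            for match in pattern.finditer(line):
                findings.append({
                    "source": source,
                    "line": line_no,
                    "type": kind,
                    "redacted": redact(match.group(0)),
                })
    return findings


def summarize(findings: List[Dict[str, object]]) -> Dict[str, int]:
    """Count findings per secret type, the figure a team tracks week over week."""
    counts: Dict[str, int] = {}
    for finding in findings:
        kind = str(finding["type"])
        counts[kind] = counts.get(kind, 0) + 1
    return counts


# Constructed sample content standing in for a Slack channel, a Confluence
# runbook and a Google Drive note. All values are fabricated placeholders.
SAMPLE_SOURCES = {
    "slack:#deploys": (
        "deploy bot failed, use AKIAIOSFODNN7EXAMPLE for now\n"
        "also the bot token is xoxb-1234567890-abcdefghij\n"
    ),
    "confluence:Runbook": (
        "Step 3: export GITHUB_TOKEN=ghp_0123456789abcdefghijABCDEFGHIJklmnop\n"
        "Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMjMifQ.c2lnbmF0dXJl\n"
    ),
    "gdrive:notes.txt": (
        "maps key: AIzaSyA1234567890abcdefghijklmnopqrstuv\n"
        "-----BEGIN RSA PRIVATE KEY-----\n"
    ),
}


def scan_all(sources: Dict[str, str] = SAMPLE_SOURCES) -> List[Dict[str, object]]:
    """Run the scanner across every source and collect the findings."""
    findings: List[Dict[str, object]] = []
    for name, text in sources.items():
        findings.extend(scan_text(name, text))
    return findings


if __name__ == "__main__":
    results = scan_all()
    for finding in results:
        print(f"{finding['source']}:{finding['line']} {finding['type']} {finding['redacted']}")
    print(summarize(results))
```

Each finding carries only the masked value plus its location, which is what an automated remediation workflow needs to open a ticket, notify the owner and trigger rotation of the key without copying the live credential into yet another system.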
Learn more about secrets sprawl and Nightfall’s research
findings.
About Nightfall AI
Nightfall is the first DLP platform to leverage generative AI
(GenAI) to discover, classify and protect sensitive data across the
modern enterprise, from SaaS apps and GenAI tools to email,
endpoints and beyond. Its powerful
detectors pinpoint and remediate PII, PCI, PHI, secrets and
credentials with 2x greater precision and 4x fewer false positives
than legacy solutions so security teams can respond to
high-priority alerts in near-real time and maintain continuous
compliance. Nightfall is trusted by global brands and innovators
alike, including Aaron’s, Acquia, Capital Rx, Bluecore, Snyk and
hundreds of others. The company is backed by Bain Capital Ventures,
Venrock, WestBridge Capital and Webb Investment Network, as well as
a cadre of CEOs, professional athletes and influencers. Learn more
about Nightfall at www.nightfall.ai.
Media Contact
Jennifer Tanner
Look Left Marketing
nightfall@lookleftmarketing.com