EPISODE · May 25, 2026 · 10 MIN
Why Your API Keys Are Leaking in Git Repos
from The Developer Tools Podcast with Fexingo: APIs, Infrastructure, and Software for Engineers · host Fexingo
Episode 11 of The Developer Tools Podcast. Lucas and Luna dig into a persistent security problem: API keys and secrets accidentally committed to public and private Git repositories. They unpack a real 2024-2025 GitHub data leak study, explain how automated scanners find exposed credentials within minutes, and compare secret-scanning tools like GitGuardian, TruffleHog, and GitHub's built-in push protection. The hosts walk through why developers still leak secrets despite awareness campaigns, the role of pre-commit hooks and environment variables, and what a practical remediation workflow looks like. No panic, no FUD — just a grounded conversation about a boring, expensive vulnerability that every engineering team should have a plan for. If you build software or manage developers, this episode gives you one concrete thing to check on Monday morning. #API #Security #Git #SecretsManagement #DevTools #GitGuardian #TruffleHog #PreCommitHooks #DevSecOps #DataBreach #Automation #SoftwareEngineering #Infrastructure #BusinessAndTechnology #FexingoBusiness #BusinessPodcast #DeveloperTools #CyberSecurity Keep every episode free: buymeacoffee.com/fexingo
What this episode covers
Episode 11 of The Developer Tools Podcast. Lucas and Luna dig into a persistent security problem: API keys and secrets accidentally committed to public and private Git repositories. They unpack a real 2024-2025 GitHub data leak study, explain how automated scanners find exposed credentials within minutes, and compare secret-scanning tools like GitGuardian, TruffleHog, and GitHub's built-in push protection. The hosts walk through why developers still leak secrets despite awareness campaigns, the role of pre-commit hooks and environment variables, and what a practical remediation workflow looks like. No panic, no FUD — just a grounded conversation about a boring, expensive vulnerability that every engineering team should have a plan for. If you build software or manage developers, this episode gives you one concrete thing to check on Monday morning. #API #Security #Git #SecretsManagement #DevTools #GitGuardian #TruffleHog #PreCommitHooks #DevSecOps #DataBreach #Automation #SoftwareEngineering #Infrastructure #BusinessAndTechnology #FexingoBusiness #BusinessPodcast #DeveloperTools #CyberSecurity Keep every episode free: buymeacoffee.com/fexingo
NOW PLAYING
Why Your API Keys Are Leaking in Git Repos
No transcript for this episode yet
Similar Episodes
Mar 26, 2026 ·1m
Mar 19, 2026 ·34m
Feb 18, 2026 ·11m
Feb 11, 2026 ·45m