Developer Secrets
Developer secrets are sensitive authentication tokens which can include API keys, access tokens, and passwords,. Developer secrets often are used to obtain access to cloud platforms, databases, source code and other sensitive resources. AWS secrets, GCP tokens, TLS private keys, and SSH keys are common examples of developer secretes in use across many organizations. Developer secrets are high-priority targets for threat actors looking to exploit cloud environments, and merit strong security controls to ensure they are not disclosed.