GitHub’s Secret Scanning Now Includes Validity Checks for Major Token Providers

Enhanced Security: GitHub Expands Secret Scanning to Verify Token Validity

GitHub has expanded its secret scanning feature introduced in January 2023 to include validity checks for specific tokens from AWS, Microsoft, Google, and Slack, enhancing security measures to safeguard against leaked credentials such as passwords and API keys.

This development comes approximately ten months after GitHub, now under Microsoft’s ownership, pledged to incorporate more than “100+ secret scanning partners” into its ecosystem.