In computer science, there is a trend towards automation. A prominent example in software development is unit and integration tests of an application. Every time a code is changed on a cloud server, these tests take place automatically. In case of an error or quality problem, the system immediately informs the developers via email.
Because software security is extremely important, we want to make sure that secret keys such as API keys are not accidentally stored in the code repository. Our trainee Adam Giesinger dealt with this problem in spring and wrote an ingenious application.
His application automatically checks every code change and determines whether sensitive keys have been stored by mistake. If this is the case, the application informs the developers via security chat. The developers then renew or replace the respective key. We are already successfully using this important application in our customer projects.