GitHub has announced new partnerships with Atlassian, Dropbox, Discord, Proctorio and Pulumi to further protect its customers from security threats.
This announcement comes right as GitHub reached a new milestone, with one billion of tokens identified since it released its token scanning tool a year ago.
Accidently sharing a token or credential can have dramatic consequences in case a malicious user finds and exploits it.
On a typical day, GitHub sees almost nine million commits pushed to its platform. Within seconds of those commits being pushed (or private repositories being made public), the contents for a number of known token formats are scanned, and GitHub notifies the appropriate service provider to confirm whether tokens need to be revoked, and the affected users notified.
GitHub is also calling out for more cloud and API service providers who would like to protect their users from these potentially devastating scenarios to reach out, and become new token scanning partners.