Ep 09 - Secrets in the Code - How Leaked Keys Can Sink a Ship

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/df/be/99/dfbe9941-d770-5736-7a80-42f538522c86/mza_6689034245075288237.jpg/600x600bb.jpg

Coffee, Chaos and ProdSec

Cameron Walters & Kurt Hendle

19 episodes

5 hours ago

Coffee, Chaos & ProdSec is where cybersecurity meets caffeine-fueled chaos. Hosts Kurt (security architect and chaos tamer) and Cameron (ProdSec wrangler and DevSecOps junkie) dive into hacking, AppSec, supply chain failures, AI surprises, and the everyday madness of defending modern systems. With humor, sharp insight, real breach breakdowns, bad password confessions, and a few questionable impressions, they explore the messy reality of security and how teams survive it. New episodes Every Wednesday at 5 AM Eastern.

Technology

RSS

All content for Coffee, Chaos and ProdSec is the property of Cameron Walters & Kurt Hendle and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Technology

https://d3t3ozftmdmh3i.cloudfront.net/staging/podcast_uploaded_nologo/44638564/44638564-1762886116274-9844ad74a348e.jpg

Ep 09 - Secrets in the Code - How Leaked Keys Can Sink a Ship

Coffee, Chaos and ProdSec

54 minutes 45 seconds

1 month ago

Ep 09 - Secrets in the Code - How Leaked Keys Can Sink a Ship

🎙️ Coffee, Chaos and ProdSec, Ep 9

Ever pushed an API key at 2 a.m. and hoped nobody noticed? In this episode, we dig into one of the most preventable but devastating security failures: secrets in code. From leaked AWS keys and OAuth tokens to misconfigured GitHub Actions, we explore how small oversights can open the door to massive breaches, and why this problem keeps growing every year.

We break down real-world incidents like hardcoded admin credentials and recent supply-chain compromises, showing how each one spiraled from simple mistake to global impact. Then we look at the systemic reasons it keeps happening, velocity over hygiene, CI/CD complexity, and the myth that “encrypted” equals “secure.”

Grab your mug and join us as we share practical fixes that actually work, from automated scanning and vault integration to culture-level change. Because in the end, secrets management isn’t a feature, it’s survival.

☕ New episodes every Wednesday.

Coffee, Chaos and ProdSec -> strong coffee, stronger opinions.