Intelligent CIO North America Issue 08 | Page 48


Talend’s deployment of GitGuardian Public Monitoring is protecting it from secrets exposure both on its company repositories and on its developers’ personal repositories.

Talend secures its sourc with automated secrets from GitGuardian

“error exists, but the key is to be alerted and be able to take appropriate action when a leak is found,” said Anne Hardy, Talend CISO.
Talend is a global leader in data integration and data integrity solutions and a pioneer in the open-source world. Talend, based in California, was the first company to market open-source data integration software. As a result of this ‘open-source DNA’, Talend uses GitHub.com extensively to collaborate and share code with the community.
When Talend CISO, Anne Hardy, joined the company in 2020, she quickly identified that there was an issue relating to infrastructure credentials and other secrets leaking through GitHub.
“When I arrived, I heard about quite a few issues with GitHub, including leaks of private information, keys, passwords that could be unintentionally stored and publicly exposed on GitHub by our developers or some of our professional services.
“We absolutely had to deal with the problem quickly,” said Hardy.
Talend had already tried to remedy this problem by developing an in-house tool. This complex project quickly exposed the limitations of building effective in-house detection solutions. The solution not only had some flaws but also proved to be both challenging and expensive to maintain. Additionally (and crucially), it couldn’t identify and monitor developers’ public personal repositories.