How Segment Proactively Protects Customer's API Keys

Explore a conference talk from BSidesSF 2023 that delves into Segment's proactive approach to protecting customer API keys. Learn about the often-overlooked security risks associated with API keys, including the thousands of secrets leaked daily on GitHub. Discover how these leaked keys can potentially perform the same actions as authorized users, posing significant threats to organizational security. Gain insights into Segment's innovative strategies for safeguarding user API keys, moving beyond traditional security measures like app hardening, suspicious session tracking, and phishing investigation. This 26-minute presentation by Sal Olivares offers valuable knowledge for security professionals looking to enhance their API key protection protocols and mitigate associated risks.

BSidesSF 2023 - How Segment proactively protects customer’s API keys (Sal Olivares)