GitHub has implemented a check for leaks of confidential data in repositories

GitHub has announced the launch of a free service for tracking the accidental publication of sensitive data in repositories, such as encryption keys, DBMS passwords and API access tokens. Previously, this service was available only to participants in the beta testing program, but it is now being offered without restrictions for all public repositories. To enable scanning of your repository, go to the "Code security and analysis" section of the settings and turn on the "Secret scanning" option.

In total, more than 200 patterns have been implemented to identify various types of keys, tokens, certificates and credentials. Leaks are searched for not only in code, but also in issues, descriptions and comments. To eliminate false positives, only reliably identifiable token types are checked, covering more than 100 different services, including Amazon Web Services, Azure, Crates.io, DigitalOcean, Google Cloud, NPM, PyPI, RubyGems and Yandex.Cloud. In addition, sending alerts is supported when signing certificates and keys are detected.
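As an added illustration (not GitHub's code or rules), the sketch below shows why matching only tokens with a fixed, recognizable structure keeps false positives low while still covering code, issue descriptions and comments. The patterns are simplified assumptions based on publicly known token prefixes, and the sample texts, locations and tokens are constructed.

```python
import re

def _rx(body):
    # Require a non-token character on both sides so substrings of longer
    # identifiers are not reported.
    return re.compile(r"(?<![A-Za-z0-9_-])" + body + r"(?![A-Za-z0-9_-])")

# Simplified patterns assumed from publicly known token prefixes;
# these are not GitHub's actual detection rules.
PATTERNS = {
    "github_personal_token": _rx(r"ghp_[A-Za-z0-9]{36}"),
    "github_app_token": _rx(r"gh[su]_[A-Za-z0-9]{36}"),
    "aws_access_key_id": _rx(r"AKIA[A-Z0-9]{16}"),
    "google_api_key": _rx(r"AIza[A-Za-z0-9_-]{35}"),
}

def redact(secret):
    """Keep only the identifying prefix so reports do not re-leak the value."""
    return secret[:4] + "*" * (len(secret) - 4)

def scan(documents):
    """Return sorted (location, token_type, redacted_match) findings."""
    findings = []
    for location, text in documents.items():
        for token_type, rx in PATTERNS.items():
            for match in rx.finditer(text):
                findings.append((location, token_type, redact(match.group())))
    return sorted(findings)

# Constructed sample data: fake tokens and hypothetical locations.
FAKE_PAT = "ghp_" + "a1B2c3" * 6
FAKE_AWS_ID = "AKIA" + "EXAMPLEKEY000000"
SAMPLE = {
    "code:config.py": f'TOKEN = "{FAKE_PAT}"\n'
                      'COMMIT = "9fceb02d0ae598e95dc970b74767f19372d61af8"\n',
    "issue:1:description": f"Deploy fails with key {FAKE_AWS_ID}, please help",
    "issue:1:comment": "Rotate any ghp_ token that was pasted into a log.",
}

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(*finding, sep="\t")
```

The 40-character commit hash and the bare `ghp_` mention produce no findings, because neither fits a complete token structure; a generic "long random string" rule would have flagged the hash.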

In January, a test examined 14 thousand repositories using GitHub Actions. As a result, confidential data was found in 1110 repositories (7.9%, i.e. almost every twelfth). For example, 692 GitHub App tokens, 155 Azure Storage keys, 155 GitHub tokens, 120 Amazon AWS keys and 50 Google API keys were identified in the repositories.

source: budenet.ru
