Code in an organization's software supply chain contains secrets, including personally identifiable information (PII), passwords and other sensitive enterprise data.
Whether stored in a public or private code repository, hackers can target enterprise secrets and find PII and other organizational secrets. One of the most common risks and the source of some high-profile cloud-native application cyberattacks is the use of secrets in code across the software supply chain.