Back

Joseph Leon

Security Research Evangelist

Truffle Security Co.

Bio

Joe Leon is a security researcher at Truffle Security where he works to identify new sources of leaked secrets and contributes to the open-source security community. Previously, Joe led application security assessments for an offensive security consulting firm. Joe has taught technical offensive security classes at BlackHat USA and Asia as well as given talks at several major security conferences, including x33fcon and Wild West Hackin' Fest. Joe holds a Masters of Science in Cybersecurity Risk and Strategy from NYU.

Session

(The) Postman Carries a Lot of Secrets

Abstract

We're open sourcing a new tool that identifies secrets in Postman. This talk digs into research showing how Postman became one of the largest public sources of leaked secrets, walks through the unique challenges of identifying secrets in Postman workspaces, and provides suggestions on how to secure your developer's usage of Postman, using open source tools like TruffleHog.

©2024 ProjectDiscovery, Inc. All rights reserved.