Ming Chow
Ming Chow is a Teaching Professor at the Tufts University Department of Computer Science. His areas of interest are web and mobile security, and Computer Science education. Ming has spoken at numerous organizations and conferences including the HTCIA, OWASP, InfoSec World, Design Automation Conference (DAC), DEF CON, Intel, SOURCE, HOPE, BSides, and ACM SIGCSE.
Session
Secrets are being leaked at an alarming rate—hardcoded API keys, tokens, credentials—you name it, it’s out there. From SolarWinds to everyday developers, secret exposure has become one of the top root causes of major breaches.
But what if you could scan for these secrets… at scale? On a student budget?
This talk is a deep dive into how I used Kubernetes, cloud credits, and some infrastructure hacking to scan VS Code extensions and other public sources for secrets—effectively and cheaply. Whether you're a cloud security enthusiast, a DevOps tinkerer, or just broke and curious, this talk will show how to harness distributed systems and automation to do big things with limited resources