Neon Joins GitHub’s Secret Scanning Partner Program to Strengthen Database Security
More security benefits for Neon users

We’re excited to announce that Neon is now a GitHub Secret Scanning Partner, joining a group of leading enterprises and technology firms working to enhance security. This partnership helps protect Neon users by automatically detecting exposed Neon database credentials and API keys in public repositories and npm packages before they can be exploited.
How It Works
GitHub’s secret scanning continuously monitors public repositories for exposed credentials. When GitHub detects a Neon database credential or API key, it notifies Neon through an automated system that validates that the credential is legitimate, alerts our security team on Slack, and notifies customers of the leak.
Security Benefits for Neon Users
By integrating with GitHub’s Secret Scanning, we provide an additional layer of security for our users, ensuring that exposed credentials are identified quickly and mitigated before they can be abused. This proactive approach helps prevent unauthorized access and reinforces Neon’s commitment to security.
Best Practices for Securing Your Credentials
To prevent accidental leaks, we strongly recommend following these security best practices:
- Use environment variables instead of hardcoding credentials.
- Store sensitive information in secret management tools like AWS Secrets Manager or HashiCorp Vault.
- Regularly rotate database credentials and API keys to minimize risk.
What’s Next?
Neon is committed to continuously improving security protections for our users. If you have any questions about this integration or need assistance securing your credentials, please reach out to us at security@neon.tech.
Stay secure!