Maintain security for your Tailscale secrets with GitHub

Tailscale has announced a collaboration with GitHub to enhance the security of its network by integrating secret scanning capabilities. This partnership allows GitHub to scan source code, issues, pull requests, wikis, and other data for Tailscale secrets, such as API keys, OAuth client secrets, and SCIM keys. If a potential match is found, GitHub verifies it with Tailscale, which will then revoke the active secret and notify users via email. This initiative, which began quietly in October, has already led to the revocation of over 3,500 keys. The secret scanning is available for public GitHub repositories and, with GitHub Advanced Security, supports private repositories, reflecting a shared commitment to a robust security model.