On the subject of protecting third-party APIs and customer data, where do you store your API keys and credentials? Hopefully not committed into git, right?? 🤨
Trufflehog and Gitleaks are my go-to tools for finding committed secrets.
https://github.com/gitleaks/gitleaks
https://github.com/trufflesecurity/trufflehog