Tracking sensitive data in a distributed computing environment
US-10515212-B1 · Dec 24, 2019 · US
US11822670B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11822670-B2 |
| Application number | US-202016824957-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 20, 2020 |
| Priority date | May 16, 2019 |
| Publication date | Nov 21, 2023 |
| Grant date | Nov 21, 2023 |
Abstract
Disclosed embodiments relate to systems and methods for automatically detecting and addressing security risks in code segments. Techniques include accessing a plurality of code segments developed for execution in a network environment, automatically identifying a first code segment from the plurality of code segments for analysis, automatically performing a first code-level security risk assessment for the first code segment, and determining a first security risk level for the first code segment based on the application programming interface risk level. The first code-level security risk assessment may be performed based on at least one of an application programming interface risk level, an embedded credentials risk level, and a target resource risk level. Further techniques may include determining a second security risk level for a modified version of the first code segment; and enabling a comparison between the first security risk level and the second security risk level.
Claims
What is claimed is:
1. A non-transitory computer readable medium including instructions that, when executed by at least one processor, cause the at least one processor to perform operations for automatically detecting and addressing security risks in code segments, the operations comprising: automatically identifying a code segment included in or developed for inclusion in a body of code for execution in a network environment; scanning the code segment to identify one or more credentials coded into the code segment and one or more application programming interface action calls included in the code segment, wherein the one or more credentials are required for accessing at least one target resource; determining an embedded credentials risk level based on a quantity of the identified one or more credentials; determining an application programming interface risk level based on a type of at least one of the identified one or more application programming interface action calls, the at least one application programming interface call being directed to the at least one target resource; determining a security risk level for the code segment based on the embedded credentials risk level and the application programming interface risk level, wherein determining the security risk level includes determining whether at least one of the identified one or more credentials enables access to the at least one target resource via the at least one application programming interface action call without requiring supplemental credentials to be provided by a user; identifying an anomaly in the code segment indicating a security risk associated with the code segment; and applying, based on the identification, a control action associated with at least one of the code segment, the network environment, or an identity associated with the code segment.
2. The non-transitory computer readable medium of claim 1, wherein identifying the anomaly comprises: identifying at least one additional code segment developed for execution in the network environment; determining a security risk level for the additional code segment; and comparing the security risk levels for the code segment and the additional code segment.
3. The non-transitory computer readable medium of claim 2, wherein the additional code segment is included in the body of code.
4. The non-transitory computer readable medium of claim 2, wherein the additional code segment comprises a modification of the code segment.
5. The non-transitory computer readable medium of claim 1, wherein identifying the anomaly comprises identifying suspicious code injected into the code segment.
6. The non-transitory computer readable medium of claim 1, wherein automatically identifying the code segment comprises dynamically scanning the network environment in real time.
7. The non-transitory computer readable medium of claim 1, wherein the identity comprises a creator of the code segment.
8. The non-transitory computer readable medium of claim 1, wherein the control action comprises modifying at least one authentication requirement associated with the identity.
9. The non-transitory computer readable medium of claim 1, wherein the control action comprises modifying at least one authentication requirement associated with the code segment.
10. The non-transitory computer readable medium of claim 1, wherein the control action comprises flagging the one or more credentials.
11. The non-transitory computer readable medium of claim 1, wherein the control action comprises disabling the one or more credentials.
12. The non-transitory computer readable medium of claim 1, wherein the control action comprises removing the one or more credentials from the code segment.
13. The non-transitory computer readable medium of claim 1, wherein the control action comprises reporting the anomaly.
14. A computer-implemented method for automatically detecting and addressing security risks in code segments, the method comprising: automatically identifying a code segment included in or developed for inclusion in a body of code for execution in a network environment; scanning the code segment to identify one or more credentials coded into the code segment and one or more application programming interface action calls included in the code segment, wherein the one or more credentials are required for accessing at least one target resource; determining an embedded credentials risk level based on a quantity of the identified one or more credentials; determining an application programming interface risk level based on a type of at least one of the identified one or more application programming interface action calls, the at least one application programming interface call being directed to the at least one target resource; determining a security risk level for the code segment based on the embedded credentials risk level and the application programming interface risk level, wherein determining the security risk level includes determining whether at least one of the identified one or more credentials enables access to the at least one target resource via the at least one application programming interface action call without requiring supplemental credentials to be provided by a user; identifying an anomaly in the code segment indicating a security risk associated with the code segment; and applying, based on the identification, a control action associated with at least one of the code segment, the network environment, or an identity associated with the code segment.
15. The computer-implemented method of claim 14, wherein identifying the anomaly comprises: identifying at least one additional code segment developed for execution in the network environment; determining a security risk level for the additional code segment; and comparing the security risk levels for the code segment and the additional code segment.
16. The computer-implemented method of claim 14, wherein the operations further comprise updating a profile associated with a creator of the first code segment based on the security risk.
17. The computer-implemented method of claim 14, wherein the application programming interface risk level is based on a determination of whether the one or more application programming interface action calls have security risks.
18. The computer-implemented method of claim 14, wherein the embedded credentials risk level is determined based on a degree of privileged access associated with the one or more credentials.
19. The computer-implemented method of claim 14, wherein the target resource risk level is determined based on a determination of whether the target resources are sensitive network resources.
20. The computer-implemented method of claim 14, wherein applying the control action comprises reporting the anomaly.
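The abstract and independent claims 1 and 14 describe one assessment pipeline: scan a code segment for credentials coded into it and for API action calls, derive an embedded-credentials risk level from the number of credentials, an API risk level from the type of call, a combined level that accounts for whether the embedded credential alone reaches the target resource without a user supplying anything further, then compare the segment against a modified version and apply a control action. The following Python is an added example of that pipeline, not the patent's implementation and not code from the patentee. Everything in it is an assumption made for illustration: the credential regexes, the action-type weights, the set of sensitive targets, the scoring and control thresholds, the `boto3`-style call syntax it matches, and the two sample segments (whose key values are AWS's published documentation examples, not live credentials).

```python
# Added example, not the patent's implementation: patterns, weights, thresholds and
# both sample code segments below are constructed for illustration.
from __future__ import annotations
import re
from dataclasses import dataclass

# Constructed credential patterns (a real scanner uses many more, plus entropy checks).
CREDENTIAL_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "aws_secret_key": re.compile(r"(?i)secret(?:_access)?_key\s*=\s*['\"][A-Za-z0-9/+=]{40}['\"]"),
    "password": re.compile(r"(?i)\bpass(?:word|wd)?\s*=\s*['\"][^'\"]{4,}['\"]"),
    "private_key": re.compile(r"-----BEGIN (?:RSA |EC )?PRIVATE KEY-----"),
}
# Constructed weight per API action-call type; the type is derived from the action's verb.
ACTION_WEIGHTS = {"read": 1, "write": 3, "delete": 5, "admin": 8}
ADMIN_ACTIONS = {"create_access_key", "attach_user_policy", "put_bucket_policy", "assume_role"}
SENSITIVE_TARGETS = {"iam", "kms", "sts", "secretsmanager"}  # constructed
# client.action( calls, and client = boto3.client("service"), so a call maps to its target.
API_CALL = re.compile(r"\b([a-z_][a-z0-9_]*)\.([a-z_][a-z0-9_]*)\(")
CLIENT_DEF = re.compile(r"\b([a-z_][a-z0-9_]*)\s*=\s*boto3\.client\(\s*['\"]([a-z0-9-]+)['\"]")

def classify_action(action: str) -> str:
    """Map an API action name to the type the API risk level depends on."""
    if action in ADMIN_ACTIONS:
        return "admin"
    if action.startswith(("delete_", "terminate_", "remove_")):
        return "delete"
    if action.startswith(("put_", "create_", "update_", "modify_", "write_")):
        return "write"
    return "read"

def find_credentials(code: str) -> list[str]:
    """Kinds of credentials coded into the segment, one entry per match."""
    return [kind for kind, pat in CREDENTIAL_PATTERNS.items() for _ in pat.finditer(code)]

def find_api_calls(code: str) -> list[tuple[str, str, str]]:
    """(target resource, action, type) for every call made on a known service client."""
    targets = dict(CLIENT_DEF.findall(code))
    return [(targets[var], act, classify_action(act))
            for var, act in API_CALL.findall(code) if var in targets]

@dataclass(frozen=True)
class RiskAssessment:
    credential_count: int
    credentials_risk: int    # from the quantity of embedded credentials (capped at 5)
    api_risk: int            # weight of the riskiest action-call type
    target_risk: int         # 2 if any call targets a sensitive resource, else 0
    unattended_access: bool  # an embedded credential plus a call to a target resource
    level: int               # combined security risk level

def assess(code: str) -> RiskAssessment:
    """Score one segment; the combination rule is constructed, not the patent's."""
    creds, calls = find_credentials(code), find_api_calls(code)
    credentials_risk = min(len(creds), 5)
    api_risk = max((ACTION_WEIGHTS[t] for _, _, t in calls), default=0)
    target_risk = 2 if any(svc in SENSITIVE_TARGETS for svc, _, _ in calls) else 0
    # A coded-in credential beside an action call lets the segment reach the target
    # without a user supplying supplemental credentials, so the level is doubled.
    unattended = bool(creds) and bool(calls)
    level = (credentials_risk + api_risk + target_risk) * (2 if unattended else 1)
    return RiskAssessment(len(creds), credentials_risk, api_risk, target_risk, unattended, level)

def recommend_control(a: RiskAssessment) -> str:
    """Pick one of the control-action kinds the claims list (thresholds constructed)."""
    if a.unattended_access and a.api_risk >= ACTION_WEIGHTS["admin"]:
        return "disable credentials"
    if a.credential_count:
        return "flag credentials"
    return "report" if a.level >= ACTION_WEIGHTS["delete"] else "none"

def compare(original: str, modified: str) -> int:
    """Risk delta between a segment and its modified version (positive means riskier)."""
    return assess(modified).level - assess(original).level

# Constructed segments: a handler before and after someone hard-codes an IAM key pair.
# The key values are AWS's published documentation examples, not live credentials.
SEGMENT_BEFORE = '''
import boto3
s3 = boto3.client("s3")
def handler(event, context):
    return s3.list_objects_v2(Bucket=event["bucket"])
'''
SEGMENT_AFTER = '''
import boto3
AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
aws_secret_access_key = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
iam = boto3.client("iam", aws_access_key_id=AWS_ACCESS_KEY_ID,
                   aws_secret_access_key=aws_secret_access_key)
def handler(event, context):
    return iam.create_access_key(UserName=event["user"])
'''

if __name__ == "__main__":
    for name, seg in (("before", SEGMENT_BEFORE), ("after", SEGMENT_AFTER)):
        print(name, assess(seg), recommend_control(assess(seg)))
    print("delta:", compare(SEGMENT_BEFORE, SEGMENT_AFTER))
```

Two design points worth noting. The `unattended_access` flag is what separates a credential that merely sits in a file from one that is dangerous: the original segment makes a read-only S3 call with no embedded secret, while the modified one pairs a hard-coded key pair with an IAM `create_access_key` call, so the code can mint new credentials with nobody typing a password or approving an MFA prompt; the score jumps and the recommended control is to disable the credentials rather than just flag them. Regex-based credential matching is deliberately conservative here (it only recognises a few well-formed patterns), so a production scanner would add entropy checks and tie the matched credential to the API client that actually uses it rather than assuming any credential in the segment feeds any call.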
CPC classifications:
- Assessing vulnerabilities and evaluating computer system security
- Interprogram communication
- Test or assess software
  - by source code analysis