Secrets detection
The State of Secrets Sprawl 2024
The State of Secrets Sprawl 2024 report by GitGuardian uncovers a 28% increase in leaked secrets on GitHub, revealing an urgent need for significantly improved security practices ...
Tools Alone do not Automatically Guarantee Mature Secrets Management
Despite increased cybersecurity spending, there are certain areas where problems are only getting worse, such as secrets sprawl ...
Uncovering thousands of unique secrets in PyPI packages
Security Researcher Tom Forbes worked with the GitGuardian team to analyze all the code committed to PyPi packages and surfaced thousands of hardcoded credentials ...
What to do if you expose a secret: How to stay calm and respond to an incident
Learn how to respond to a secret leak incident effectively. Follow our step-by-step guide to understand the impact, rotate secrets safely, and prevent future leaks ...
Yes, GitHub’s Copilot can Leak (Real) Secrets
Researchers successfully extracted valid hard-coded secrets from Copilot and CodeWhisperer, shedding light on a novel security risk associated with the proliferation of secrets ...
Why Automotive Companies Must Prioritize Secrets Detection
Explore the critical role of secrets security in the era of software-driven vehicles. From code leaks to supply chain vulnerabilities, read how safeguarding automotive software is paramount for consumer safety ...
Elevate your secrets security posture with GitGuardian Secrets Detection’s latest releases
Detect real secrets, automate severity scoring, prioritize your efforts on your most critical incidents, fix faster with your developers' help, and get the support you deserve from our team of experts! ...
Why you should look beyond source code for exposed secrets
Learn more about the various sources of exposed secrets beyond source code repositories. From CI/CD systems to container images, runtime environments to project management tools, uncover the risks associated with storing secrets ...
GitHub’s Default Push Protection: Enhancing Open-Source Security with Limitations to Consider
GitHub's Push Protection is now enabled by default for all public repositories, a big milestone for open-source security! Find out the key points you need to keep in mind before using it ...
Are Your Company Secrets Safe on GitHub? Here’s Why You Need to Request a Complimentary Audit
With a large number of developers, it’s highly likely that your company’s secrets are publicly exposed without your knowledge. Request your audit today and take control of your GitHub security perimeter ...