Scanning GitHub Gists for Secrets with Bring Your Own Source
Developers treat GitHub Gists as a "paste everything" service, accidentally exposing secrets like API keys and tokens. BYOS lets you scan and monitor these blind spots.
Beyond Secrets: How Managed Identities Are Transforming Multicloud Security
Managed identities offer a paradigm shift from "what fo you have"to "who you are" authentication, providing automated, short-lived credentials that eliminate credential sprawl across multicloud environments.
The Nx "s1ngularity" Attack: Inside the Credential Leak
On August 26, 2025, Nx, the popular build platform with millions of weekly downloads, was compromised with credential-harvesting malware. Using GitGuardian's monitoring data, we analyzed the exfiltrated credentials and reconstructed a fuller scope of exposure.
Agent-Based AI and the Machine Identity Revolution Are Reshaping Security
Is agentic AI the productivity revolution we've been waiting for, or a security nightmare in the making? With AI agents now outnumbering humans and secrets proliferating across enterprise systems, the answer isn't simple. Read our insights from SecDays {France} 2025.
Real-World Attack Chains Involving NHIs: Lessons from SecDays France
Based on the talk “The Explosion of Machine Identities: Are You Aware of This Silent Threat?” at SecDays France 2025.
Why Most Exposed Secrets Never Get Fixed
Our latest State of Secrets Sprawl 2025 research reveals a troubling reality: the majority of leaked corporate secrets found in public code repositories continue to provide access to systems for years after their discovery.
Gartner's Insights: Why Machine Identity Security is Your Next Critical Battlefront
In this blog, we’ll break down why machine identity security is essential, highlight Gartner’s recent research, and connect these insights to real-world issues and solutions discussed in our NHI blog series.
Keeping Secrets Out of Logs: Strategies That Work
tl;dr: There's no silver bullet for keeping secrets out of logs, but if we put several "lead bullets" in the right places, we have a good chance of success.
From Confidence to Competence: The Reality of Secrets Management
The confidence gap in secrets management is real: 75% of organizations feel secure while only 44% of developers follow best practices. Discover what security experts reveal about remediation challenges, responsibility issues, and practical solutions for protecting your most sensitive credentials.
Top 10 AppSec Experts You Should Follow
The field of AppSec is constantly evolving. Keeping up with the latest tools and trends on social media can instantly flood your newsfeed. That’s why we’ve tapped on our research team to assist.
