Beyond Secrets: How Managed Identities Are Transforming Multicloud Security

Managed identities offer a paradigm shift from "what fo you have"to "who you are" authentication, providing automated, short-lived credentials that eliminate credential sprawl across multicloud environments.

Mattias Gees

29 Aug 2025 – 5 min read

Breach explained

The Nx "s1ngularity" Attack: Inside the Credential Leak

On August 26, 2025, Nx, the popular build platform with millions of weekly downloads, was compromised with credential-harvesting malware. Using GitGuardian's monitoring data, we analyzed the exfiltrated credentials and reconstructed a fuller scope of exposure.

Guillaume Valadon

27 Aug 2025 – 6 min read

Secrets detection

SharePoint Zero-Day Exploits Highlight Hidden Secrets Risk in Document Collaboration Tools

The recent SharePoint zero-day exploits expose a critical blind spot: hardcoded secrets hidden in collaboration tools. While teams secure code repositories, API keys and credentials lurking in SharePoint documents create dangerous attack vectors for lateral movement.

Anna Nabiullina

23 Jul 2025 – 2 min read

Artificial Intelligence

Agent-Based AI and the Machine Identity Revolution Are Reshaping Security

Is agentic AI the productivity revolution we've been waiting for, or a security nightmare in the making? With AI agents now outnumbering humans and secrets proliferating across enterprise systems, the answer isn't simple. Read our insights from SecDays {France} 2025.

Anna Nabiullina

4 Jul 2025 – 9 min read

Non-Human Identity

Real-World Attack Chains Involving NHIs: Lessons from SecDays France

Based on the talk “The Explosion of Machine Identities: Are You Aware of This Silent Threat?” at SecDays France 2025.

Anna Nabiullina

25 Jun 2025 – 4 min read

Secrets detection

Why Most Exposed Secrets Never Get Fixed

Our latest State of Secrets Sprawl 2025 research reveals a troubling reality: the majority of leaked corporate secrets found in public code repositories continue to provide access to systems for years after their discovery.

Anna Nabiullina

5 Jun 2025 – 5 min read

Non-Human Identity

Gartner's Insights: Why Machine Identity Security is Your Next Critical Battlefront

In this blog, we’ll break down why machine identity security is essential, highlight Gartner’s recent research, and connect these insights to real-world issues and solutions discussed in our NHI blog series.

Anna Nabiullina

8 May 2025 – 6 min read

Secrets Management

Keeping Secrets Out of Logs: Strategies That Work

tl;dr: There's no silver bullet for keeping secrets out of logs, but if we put several "lead bullets" in the right places, we have a good chance of success.

Anna Nabiullina

24 Mar 2025 – 5 min read

Secrets Management

From Confidence to Competence: The Reality of Secrets Management

The confidence gap in secrets management is real: 75% of organizations feel secure while only 44% of developers follow best practices. Discover what security experts reveal about remediation challenges, responsibility issues, and practical solutions for protecting your most sensitive credentials.

Anna Nabiullina

4 Mar 2025 – 5 min read

CISO Roadmap

Top 10 AppSec Experts You Should Follow

The field of AppSec is constantly evolving. Keeping up with the latest tools and trends on social media can instantly flood your newsfeed. That’s why we’ve tapped on our research team to assist.

Anna Nabiullina

2 Oct 2023 – 7 min read