Non-Human Identity
What AI Agents Can Teach Us About NHI Governance
Agentic AI is a stress test for non-human identity governance. Discover how and why identity, trust, and access control must evolve to keep automation safe.
MOST POPULAR
all tags
other
Yes, GitHub's Copilot can Leak (Real) Secrets
Researchers successfully extracted valid hard-coded secrets from Copilot and CodeWhisperer, shedding light on a novel security risk associated with the proliferation of secrets.
GitGuardian's Secret Risk Assessment: Know Your True Exposure For Free
Get a comprehensive GitHub secret risk assessment with GitGuardian. Identify hidden exposures and strengthen your security posture. Start your free scan now!
Keeping Secrets Out of Logs: Strategies That Work
tl;dr: There's no silver bullet for keeping secrets out of logs, but if we put several "lead bullets" in the right places, we have a good chance of success.
A Peek on Cloud Security: JSSI 2025
At JSSI 2025, French IT security experts discussed the cloud's impact on security. Presentations covered strategy and technical analysis. GitGuardian’s researchers shared insights on detecting secrets in the cloud and responsibly disclosing them to companies.
Compromised tj-actions/changed-files GitHub Action: A look at publicly leaked secrets
On March 14, 2025, the popular GitHub action tj-actions/changed-files was compromised, exposing secrets in CI logs. GitGuardian's analysis identified leaked secrets like GitHub tokens, AWS keys, and more.
Addressing The Growing Challenge of Generic Secrets: Beyond GitHub's Push Protection
Generic secrets are hard to detect and are getting leaked more often. See how GitGuardian offers advanced protection where GitHub's push protection falls short.
Devnexus: Bringing Java Into The Age Of AI
The largest Java community conference, Devnexus 2025, tackled AI, security, and Java’s role in enterprise development. Read key takeaways for securing applications.
The State of Secrets Sprawl 2025
GitGuardian's 2025 report reveals 70% of leaked secrets remain active two years later. Discover the alarming state of secrets sprawl & protect your organization.
GitGuardian Is Now The Overall Most Installed GitHub Marketplace App
We are thrilled to announce that the GitGuardian App has become the most installed application on GitHub's Marketplace. We are proud to have passed this milestone, with over 418K developers and organizations trusting GitGuardian to detect secrets in their shared repositories. GitGuardian
API Keys Security & Secrets Management Best Practices - GitGuardian Blog
We have compiled a list of some of the best practices to prevent API key leakage and keep secrets and credentials safe. Secrets management doesn’t have a one-size-fits-all approach, so this list considers multiple perspectives so you can be informed in deciding to or not to implement strategies.
Why Understanding Your Secrets is the Key to Faster Remediation
70% of secrets stay valid after two years. Explore how contextual secrets management cuts remediation time and strengthens your security posture. Don't just detect, understand your secrets.
Crappy code, crappy Copilot. GitHub Copilot is writing vulnerable code and it could be your fault
The promise of AI code assistance like Copilot was an exciting promise when released. But they might not be the answer to all your problems. A research study has now found that while Copilot frequently introduces vulnerabilities, it may in fact be influenced by the input. Poor code, poor outcome.
