Your Secrets Need a VDP, Not Just a Bug Bounty

Bug bounty programs are valuable—until they replace disclosure policies. Learn how unreasonable PoC demands or scope exclusions create security blind spots when it comes to leaked secrets.

EDITOR’S PICK

From Path Traversal to Supply Chain Compromise: Breaking MCP Server Hosting

Guillaume Valadon

3 Sep 2025 – 4 min read

all tags

Product News

Secrets Analyzer: The Missing Context for Overprivileged Secrets

Secrets with excessive permissions are a goldmine for attackers. GitGuardian Secrets Analyzer helps security teams identify overprivileged secrets, analyze permissions, and shrink the attack surface.

BSides Austin 2024: Balancing AI Safety and Real-World Risks

At BSides Austin 2024, experts shared solutions for AI safety, cloud logging, systemic security planning, and effective executive collaboration strategies.

Dwayne McDaniel

13 Dec 2024 – 6 min read

Security Research

The Ultralytics Supply Chain Attack: Connecting the Dots with GitGuardian’s Public Monitoring Data

On December 4, 2024, the Ultralytics Python module was backdoored to deploy a cryptominer. Using GitGuardian’s data, we reconstructed deleted commits, connecting the dots with the initial analysis. This investigation highlights the value of GitGuardian’s data in understanding supply chain attacks.

Guillaume Valadon

11 Dec 2024 – 3 min read

Introducing The Next Step in GitGuardian’s NHI Security Approach

Non-Human Identity

Product News

Introducing The Next Step in GitGuardian’s NHI Security Approach

Discover how GitGuardian is redefining non-human identity (NHI) security with comprehensive secrets security and governance solutions to protect against modern threats.

Soujanya Ain

10 Dec 2024 – 7 min read

Product News

Solving Secrets Management Challenges for NHIs with GitGuardian Multi-Vault Integrations

Struggling with fragmented secrets management and inconsistent vault practices? GitGuardian new multi-vault integrations provide organizations with centralized secrets visibility, reduce blind spots, enforce vault usage and fight against vault sprawl.

Ferdinand Boas

10 Dec 2024 – 11 min read

Engineering

A Deep Dive into Celery Task Resilience, Beyond Basic Retries

How to make your Celery tasks more resilient with best practices to prevent workflow interruptions and handle various failure scenarios.

Guardians

5 Dec 2024 – 13 min read

DevSecOps

The Hidden Challenges of Automating Secrets Rotation: Why Automatic Credential Rotation Isn’t a One-Click Solution

Automating secrets rotation requires maturity and planning. Let's look at how to inventory, scope, and secure credentials without risking downtime or vulnerabilities.

Dwayne McDaniel

3 Dec 2024 – 8 min read

MLOps Done Right: GitGuardian's Battle-Tested Open-Source Stack

Engineering

Artificial Intelligence

MLOps Done Right: GitGuardian's Battle-Tested Open-Source Stack

Our stack to go from experimenting to production won't have any more secrets for you.

Guardians

27 Nov 2024 – 10 min read

The Quest to Minimize False Positives Reaches Another Significant Milestone

Artificial Intelligence

GitGuardian

The Quest to Minimize False Positives Reaches Another Significant Milestone

Our breakthrough ML model FP Remover V2 slashes false positives by 80%, setting a new industry standard for secrets detection. Discover how we're helping security teams focus on real threats instead of chasing phantom alerts.

Guardians

25 Nov 2024 – 4 min read

Non-Human Identity

Non-Human Identity Security Strategy for Zero Trust Architecture

Explore NIST-backed guidance on securing Non-Human Identities, reducing risks, and aligning with zero trust principles in cloud-native infrastructures.

Dwayne McDaniel

22 Nov 2024 – 13 min read

Conferences

DevOpsDays Chattanooga 2024: Learning, Laughter, and Innovation

DevOpsDays Chattanooga 2024 delivered key insights on collaboration, security, and agile workflows with engaging talks, ignite sessions, and open discussions.

Dwayne McDaniel

18 Nov 2024 – 5 min read

GitGuardian

Connecting, Collaborating, and Celebrating: Our Global Team Seminar in the South of France

Last September, GitGuardian brought together its 150 Guardians from around the world for a three-day seminar on the beautiful Giens Peninsula in the south of France.

Guardians

17 Nov 2024 – 3 min read

Your Secrets Need a VDP, Not Just a Bug Bounty

Gaetan Ferry

MOST POPULAR

GitHub Copilot Security and Privacy Concerns: Understanding the Risks and Best Practices

Dwayne McDaniel

A Comprehensive Guide to SOPS: Managing Your Secrets Like A Visionary, Not a Functionary

Tiexin Guo

EDITOR’S PICK

From Path Traversal to Supply Chain Compromise: Breaking MCP Server Hosting

Gaetan Ferry

When Google Says "Scan for Secrets": A Complete Guide to Finding Hidden Credentials in Salesforce

Guillaume Valadon

Secrets Analyzer: The Missing Context for Overprivileged Secrets

Ferdinand Boas

BSides Austin 2024: Balancing AI Safety and Real-World Risks

Dwayne McDaniel

The Ultralytics Supply Chain Attack: Connecting the Dots with GitGuardian’s Public Monitoring Data

Guillaume Valadon

Introducing The Next Step in GitGuardian’s NHI Security Approach

Soujanya Ain

Solving Secrets Management Challenges for NHIs with GitGuardian Multi-Vault Integrations

Ferdinand Boas

A Deep Dive into Celery Task Resilience, Beyond Basic Retries

Guardians

The Hidden Challenges of Automating Secrets Rotation: Why Automatic Credential Rotation Isn’t a One-Click Solution

Dwayne McDaniel

MLOps Done Right: GitGuardian's Battle-Tested Open-Source Stack

Guardians

The Quest to Minimize False Positives Reaches Another Significant Milestone

Guardians

Non-Human Identity Security Strategy for Zero Trust Architecture

Dwayne McDaniel

DevOpsDays Chattanooga 2024: Learning, Laughter, and Innovation

Dwayne McDaniel

Connecting, Collaborating, and Celebrating: Our Global Team Seminar in the South of France

Guardians

Start your journey to secrets-free source code