Why Understanding Your Secrets is the Key to Faster Remediation

Up to 27 days to fix a leaked secret? We feel your pain. Explore how contextual secrets management helps you take control, cut remediation time, and strengthen your security posture. Don't just detect, understand your secrets.

Soujanya Ain

6 Mar 2025 – 5 min read

Tiexin Guo

27 Jan 2025 – 10 min read

GitHub Copilot Security and Privacy Concerns: Understanding the Risks and Best Practices

Dwayne McDaniel

30 Sep 2024 – 7 min read

EDITOR’S PICK

Solving Secrets Management Challenges for NHIs: GitGuardian Integration with HashiCorp Vault

Ferdinand Boas

27 Feb 2025 – 6 min read

Protecting the Backbone of Modern Development: Scanning Secrets in Container Registries

Ferdinand Boas

23 Jan 2025 – 5 min read

all tags

Product News

Has Your Secret Leaked? Here's the easiest way to find out.

Today, we’re unveiling HasMySecretLeaked, a free toolset to help security and DevOps engineers verify if their organization’s secrets have leaked on GitHub.com.

Ziad Ghalleb

17 Oct 2023 – 7 min read

Engineering

HasMySecretLeaked - Building a Trustless and Secure Protocol

We can’t see your secrets, but we can tell you if they’ve leaked on GitHub. Here’s how we do it.

Guardians

17 Oct 2023 – 7 min read

Secrets detection

Yes, GitHub's Copilot can Leak (Real) Secrets

Researchers successfully extracted valid hard-coded secrets from Copilot and CodeWhisperer, shedding light on a novel security risk associated with the proliferation of secrets.

Thomas Segura

12 Oct 2023 – 6 min read

Secrets detection

Why Automotive Companies Must Prioritize Secrets Detection

Explore the critical role of secrets security in the era of software-driven vehicles. From code leaks to supply chain vulnerabilities, read how safeguarding automotive software is paramount for consumer safety.

Soujanya Ain

6 Oct 2023 – 9 min read

We’ve Got Badges! Yes We Do! We’ve Got 18 From G2!

GitGuardian scored a whopping eighteen G2 badges for Fall 2023, including Leader badges in two categories. Read on for details.

Greg Bulmash

5 Oct 2023 – 2 min read

Conferences

Cybersecurity and AI deep in the heart of Texas Cyber Summit

Dive into our Texas Cyber Summit 2023 recap. Discover how AI is impacting cybersecurity, learn about Zero Trust strategies, ransomware dos and don'ts, and more.

Dwayne McDaniel

4 Oct 2023 – 10 min read

CISO Roadmap

Top 10 AppSec Experts You Should Follow

The field of AppSec is constantly evolving. Keeping up with the latest tools and trends on social media can instantly flood your newsfeed. That’s why we’ve tapped on our research team to assist.

Anna Nabiullina

2 Oct 2023 – 7 min read

Supply Chain Security

Protecting Your Software Supply Chain: Understanding Typosquatting and Dependency Confusion Attacks

Typosquatting and dependency confusion are two common tactics used by hackers to exploit open-source package repositories. Understand how these attacks work and discover preventive measures to secure your infrastructure.

Guest Expert

29 Sep 2023 – 8 min read

Best practices

Secrets management takes more than just tools

Can you just purchase a tool to give you good security posture? Discover how People, Processes, and Tools elevate code security to protect against data breaches.

Dwayne McDaniel

27 Sep 2023 – 12 min read

Breach explained

Microsoft AI involuntarily exposed a secret giving access to 38TB of confidential data for 3 years

Discover how an overprovisioned SAS token exposed a massive 38TB trove of private data on GitHub for nearly three years. Learn about the misconfiguration, security risks, and mitigation strategies to protect your sensitive assets.

Thomas Segura

26 Sep 2023 – 6 min read

Frameworks & Regulations

A look at the future of supply chain and national security: Updates from CISA and NIST

Explore CISA & NIST's recent cybersecurity publications. Get key insights into securing vital infrastructure in an ever-evolving threat landscape and how GitGuardian can help.

Dwayne McDaniel

22 Sep 2023 – 9 min read

Security Research

From GitHub Leak to Pwn: A Hacker’s Kill Chain

Discover how seemingly minor mistakes, like leaking a secret to a non-publicly accessible resource, can lead to a major breach. In this engaging scenario, see how an attacker would chain vulnerabilities to access highly sensitive areas, and learn a valuable lesson along the way.

Carole Winqwist

20 Sep 2023 – 9 min read

Why Understanding Your Secrets is the Key to Faster Remediation

Soujanya Ain

MOST POPULAR

Authentication and Authorization Best Practices

Tiexin Guo

GitHub Copilot Security and Privacy Concerns: Understanding the Risks and Best Practices

Dwayne McDaniel

EDITOR’S PICK

Solving Secrets Management Challenges for NHIs: GitGuardian Integration with HashiCorp Vault

Ferdinand Boas

Protecting the Backbone of Modern Development: Scanning Secrets in Container Registries

Ferdinand Boas

Has Your Secret Leaked? Here's the easiest way to find out.

Ziad Ghalleb

HasMySecretLeaked - Building a Trustless and Secure Protocol

Guardians

Yes, GitHub's Copilot can Leak (Real) Secrets

Thomas Segura

Why Automotive Companies Must Prioritize Secrets Detection

Soujanya Ain

We’ve Got Badges! Yes We Do! We’ve Got 18 From G2!

Greg Bulmash

Cybersecurity and AI deep in the heart of Texas Cyber Summit

Dwayne McDaniel

Top 10 AppSec Experts You Should Follow

Anna Nabiullina

Protecting Your Software Supply Chain: Understanding Typosquatting and Dependency Confusion Attacks

Guest Expert

Secrets management takes more than just tools

Dwayne McDaniel

Microsoft AI involuntarily exposed a secret giving access to 38TB of confidential data for 3 years

Thomas Segura

A look at the future of supply chain and national security: Updates from CISA and NIST

Dwayne McDaniel

From GitHub Leak to Pwn: A Hacker’s Kill Chain

Carole Winqwist

Start your journey to secrets-free source code