Secrets detection
Responding to Exposed Secrets - An SRE's Incident Response Playbook
Today, let's take a closer look at incident response playbooks: how to build one, tailor it for secret leaks, take actions, and learn from incidents.
MOST POPULAR
all tags
other
![How To Use ggshield To Avoid Hardcoded Secrets [cheat sheet included]](/content/images/size/w600/2022/10/22W44-blog-SecuringYourSecretsWithGGshield-Cheatsheet.jpg)
How To Use ggshield To Avoid Hardcoded Secrets [cheat sheet included]
ggshield, GitGuardian’s CLI, can help you keep your secrets out of your repos, pipelines, and much more. Download our handy cheat sheet to help you make the most out of our CLI.
From Detection to Defense: How Push-to-Vault Supercharges Secrets Management for DevSecOps
Secrets don’t belong in plaintext. GitGuardian's Push-to-Vault automates vaulting exposed secrets, helping security teams scale governance and reduce incident fatigue.
How Orange Business Transformed Secrets Security with a Prevention-First Approach
From overwhelming alert fatigue to actionable intelligence: How one of Europe's largest telecom operators is building enterprise-scale secrets security with developer experience in mind.
Lessons in Testing, Performance, and Legacy Systems from /dev/mtl 2025
Montreal's recent community event revealed how feature flags, observability, and lifecycle discipline help teams manage complexity without compromising security or stability.
Mutual TLS (mTLS) Authentication - A Complete Guide
mTLS, or mutual Transport Layer Security, is a mechanism that establishes two-way authentication between two parties, ensuring they are who they claim to be.
How Machine Learning Transforms Security Alert Chaos into Actionable Intelligence
Learn how GitGuardian’s ML-powered risk scoring turns 10,000 noisy secrets alerts into a prioritized, actionable queue, tripling analyst efficiency, boosting critical detection 5× over rule-based systems, and safely auto-closing over a third of low-risk incidents.
![Shai-Hulud 2.0 Exposes Over 33,000 Unique Secrets [Updated Nov, 27]](/content/images/size/w600/2025/11/shai-hulud--2--1.png)
Shai-Hulud 2.0 Exposes Over 33,000 Unique Secrets [Updated Nov, 27]
On November 24, a new wave of the Shai-Hulud supply chain attack emerged. The threat actors exfiltrate stolen credentials directly to GitHub repositories created with compromised tokens.
A Complete Guide to Transport Layer Security (TLS) Authentication
Data security is non-negotiable. Transport Layer Security (TLS) authentication stands as the cornerstone for the protection of data in transit. When it comes to protecting enterprise APIs, systems, and identities, the importance of TLS auth cannot be overstated.
The Ultimate Guide to GitHub Backups
In such a fast-developing world, it becomes more and more important to make sure the source code and its metadata are backed up in case of an emergency. Learn everything you need to know about how to backup a GitHub repository.
OWASP Top 10 2025 Updates: Supply Chain, Secrets, And Misconfigurations Take Center Stage
Discover what’s changed in the OWASP 2025 Top 10 and how GitGuardian helps you mitigate risks like broken access control and software supply chain failures.
Workload And Agentic Identity at Scale: Insights From CyberArk's Workload Identity Day Zero
On the eve of KubeCon 2025, experts from companies like Uber, AWS, and Block shared how SPIRE and workload identity fabrics reduce risk in complex, cloud-native systems.
Trust Beyond Containers: Identity and Agent Security Lessons from KubeCon 2025
From secure service mesh rollouts to AI cluster hardening, see how KubeCon + CloudNativeCon NA 2025 redefined identity, trust, and governance in Kubernetes environments.
