Local Guardrails for Secrets Security in the Age of AI Coding Assistants

Modern developer environments expose sensitive context across files, prompts, logs, and commands. Learn how layered local controls reduce secrets risk.

EDITOR’S PICK

The State of Secrets Sprawl 2026: AI-Service Leaks Surge 81% and 29M Secrets Hit Public GitHub

Guillaume Valadon

5 Mar 2026 – 5 min read

all tags

Conferences

Atlanta Cloud Conference 2024: Responsible AI Use And Securing Cloud Deployments

Dive into our recap of AtlCloudCon, a community-led, developer-focused event offering practical insights for responsibly harnessing AI and securing cloud infrastructure.

Is your roadmap prioritizing memory safe programming languages?

Cybersecurity agencies from five different national governments put out a plea in December for developers to use memory-safe programming languages. Are you ready?

Greg Bulmash

29 Mar 2024 – 3 min read

DevSecOps

Vulnerability Management

Vulnerability Management Lifecycle in DevSecOps

In this new series, CJ May shares his expertise in implementing secure-by-design software processes that empower engineering teams. The first stage of his DevSecOps program: vulnerability management.

SCaLE 21x: A Community Event About Much More Than Linux

Read our highlights from SCaLE 21x, where the community focused on all things open source, not just Linux, with over 270 sessions on DevOps, cloud tech, and security.

I asked 40 security experts to share their best advice, it didn't disappoint.

This post explores the best security advice we have received over the past almost 2 years from various different security professionals.

Mackenzie Jackson

22 Mar 2024 – 6 min read

How To Respond To An AWS Key Honeytoken Trigger: A Detailed Guide

Honeytokens

Best practices

How To Respond To An AWS Key Honeytoken Trigger: A Detailed Guide

Learn how to effectively respond to an AWS key honeytoken trigger with this step-by-step guide. Investigate the incident, identify the leak source, secure your environment, and leverage OSINT techniques to protect your AWS infrastructure.

Guest Expert

21 Mar 2024 – 6 min read

Breach explained

Misconfigurations in Google Firebase lead to over 19.8 million leaked secrets

Read our summary of research that found millions of records that exposed user passwords due to misconfigured or missing security settings.

Dwayne McDaniel

20 Mar 2024 – 3 min read

Security Zines

SOPS [Security Zines]

Enjoy the power of SOPS to secure your secrets with this new zine!

Thomas Segura

18 Mar 2024 – 2 min read

Conferences

SnowFROC 2024: Securing The Future With OWASP Community In Denver

OWASP's annual Denver conference brought together thought leaders to talk about security, dependency management, and how AI is complicating our lives.

Dwayne McDaniel

15 Mar 2024 – 6 min read

Supply Chain Security

Three Mechanisms to Protect Your Git Repositories

...despite all intentions to follow best practices, they don't. When you automate enforcement of best practices, you can ensure those practices are followed...

Greg Bulmash

14 Mar 2024 – 4 min read

Secrets detection

The State of Secrets Sprawl 2024

The State of Secrets Sprawl 2024 report by GitGuardian uncovers a 28% increase in leaked secrets on GitHub, revealing an urgent need for significantly improved security practices.

Thomas Segura

12 Mar 2024 – 3 min read

Breach explained

Nation-state hackers access Microsoft source code and steal secrets

Microsoft has been experienced a sustained attack by Russian-backed nation-state attacker Midnight Blizzard (also known as NOBELIUM). This blog examines all we know so far

Mackenzie Jackson

11 Mar 2024 – 3 min read

Local Guardrails for Secrets Security in the Age of AI Coding Assistants

Dwayne McDaniel

MOST POPULAR

No Off Season: Three Supply Chain Campaigns Hit npm, PyPI, and Docker Hub in 48 Hours

Guillaume Valadon

Renovate & Dependabot: The New Malware Delivery System

Gaetan Ferry

EDITOR’S PICK

The State of Secrets Sprawl 2026: AI-Service Leaks Surge 81% and 29M Secrets Hit Public GitHub

Anna Nabiullina

2,622 Valid Certificates Exposed: A Google-GitGuardian Study Maps Private Key Leaks to Real-World Risk

Guillaume Valadon

Atlanta Cloud Conference 2024: Responsible AI Use And Securing Cloud Deployments

Dwayne McDaniel

Is your roadmap prioritizing memory safe programming languages?

Greg Bulmash

Vulnerability Management Lifecycle in DevSecOps

Guest Expert

SCaLE 21x: A Community Event About Much More Than Linux

Dwayne McDaniel

I asked 40 security experts to share their best advice, it didn't disappoint.

Mackenzie Jackson

How To Respond To An AWS Key Honeytoken Trigger: A Detailed Guide

Guest Expert

Misconfigurations in Google Firebase lead to over 19.8 million leaked secrets

Dwayne McDaniel

SOPS [Security Zines]

Thomas Segura

SnowFROC 2024: Securing The Future With OWASP Community In Denver

Dwayne McDaniel

Three Mechanisms to Protect Your Git Repositories

Greg Bulmash

The State of Secrets Sprawl 2024

Thomas Segura

Nation-state hackers access Microsoft source code and steal secrets

Mackenzie Jackson

Start your journey to secrets-free source code