Renovate & Dependabot: The New Malware Delivery System

Recent supply chain attacks stayed live for hours. Automation tools silently merged their malware in minutes. Read how upgrade bots and AI agents became the insider threat.

EDITOR’S PICK

The State of Secrets Sprawl 2026: AI-Service Leaks Surge 81% and 29M Secrets Hit Public GitHub

Guillaume Valadon

5 Mar 2026 – 5 min read

all tags

Best practices

DevSecOps

Secure Your Secrets with .env

Using environment variables to store secrets instead of writing them directly into your code is one of the quickest and easiest ways to add a layer of protection to your projects.

Guardian Goofs: Signs Your Developers Are Leaking Secrets

Welcome to 2024 and a new monthly feature here at GitGuardian, a comic strip called "Guardian Goofs." If you like it, please show it some love by hitting one of those "share" links below it. And check back on the

Greg Bulmash

4 Jan 2024 – 1 min read

Product News

Application Security Posture Management with GitGuardian and ArmorCode

Managing GitGuardian Findings as Part of a Complete Risk-Based Software Security Program with ArmorCode ASPM.

Guest Expert

2 Jan 2024 – 4 min read

Honeytokens

How Honeytokens Can Detect and Stop Black Hat Computer Hackers

Detect & stop black hat hackers with honeytokens. Placed in datasets, these mimic real data, triggering alerts upon interaction. Bolster your cybersecurity now!

Guest Expert

29 Dec 2023 – 4 min read

Best practices

How to Become Great at API Key Rotation: Best Practices and Tips

Secret management can be a complex challenge, especially when you are trying to do it in a way that is right for security. Key rotation is a big piece of that puzzle. In this article, we will take you from zero to hero on key rotation.

Guest Expert

28 Dec 2023 – 7 min read

Product News

Wrapping up Q4 2023: new detectors, your favorite features, and what’s coming next in GitGuardian

Unlock the latest secrets detectors, automate severity scoring, and dive into GitGuardian's unique dev & sec collaboration features!

Ziad Ghalleb

26 Dec 2023 – 8 min read

Honeytokens

Honeytokens For Peace Of Mind: Using Cyber Deception To Buy Time To Remediate At Scale

GitGuardian Honeytokens bring peace of mind that you are safe from leaks and attacks while tackling secrets sprawl, no matter how many repos or developers you have.

Dwayne McDaniel

22 Dec 2023 – 6 min read

Best practices

Working To Eliminate Hardcoded Secrets? Coordinating and Prioritizing Remediation With The GitGuardian Platform

Learn how GitGuardian helps teams effectively prioritize and coordinate remediation by gathering the right data and making progress tracking and communication easy.

Dwayne McDaniel

21 Dec 2023 – 8 min read

AI and Cybersecurity in 2024 - What's Changing and Why It Matters

Tired of the AI hype? We get it. Our latest blog takes a no-nonsense look at AI in 2024's cybersecurity – just the facts and some thoughtful insights. No earth-shattering revelations, just a decent read for your coffee break.

Thomas Segura

20 Dec 2023 – 3 min read

DevSecOps

The New Frontier in Cybersecurity: Embracing Security as Code

Security as Code (SaC) is a term often used with DevSecOps, but what does it mean exactly? Learn best practices and key components for a more secure and efficient development process.

Guest Expert

15 Dec 2023 – 10 min read

Tutorials

Ethical Hacking Q&A with Sonya Moisset

Join Mackenzie Jackson and Sonya Moisset for an eye-opening discussion about Ethical Hacking as Sonya answers questions from Mack and the webinar audience.

Greg Bulmash

14 Dec 2023 – 6 min read

Best practices

Developer Education - GitGuardian Supports Your Learning Style

Discover GitGuardian's diverse educational resources! From videos to podcasts and docs to hands-on learning, get a handle on secrets sprawl at your pace and style.

Dwayne McDaniel

11 Dec 2023 – 7 min read

Renovate & Dependabot: The New Malware Delivery System

Gaetan Ferry

MOST POPULAR

Trivy’s March Supply Chain Attack Shows Where Secret Exposure Hurts Most

Guillaume Valadon

GitHub Copilot Security and Privacy Concerns: Understanding the Risks and Best Practices

Dwayne McDaniel

EDITOR’S PICK

The State of Secrets Sprawl 2026: AI-Service Leaks Surge 81% and 29M Secrets Hit Public GitHub

Anna Nabiullina

2,622 Valid Certificates Exposed: A Google-GitGuardian Study Maps Private Key Leaks to Real-World Risk

Guillaume Valadon

Secure Your Secrets with .env

Greg Bulmash

Guardian Goofs: Signs Your Developers Are Leaking Secrets

Greg Bulmash

Application Security Posture Management with GitGuardian and ArmorCode

Guest Expert

How Honeytokens Can Detect and Stop Black Hat Computer Hackers

Guest Expert

How to Become Great at API Key Rotation: Best Practices and Tips

Guest Expert

Wrapping up Q4 2023: new detectors, your favorite features, and what’s coming next in GitGuardian

Ziad Ghalleb

Honeytokens For Peace Of Mind: Using Cyber Deception To Buy Time To Remediate At Scale

Dwayne McDaniel

Working To Eliminate Hardcoded Secrets? Coordinating and Prioritizing Remediation With The GitGuardian Platform

Dwayne McDaniel

AI and Cybersecurity in 2024 - What's Changing and Why It Matters

Thomas Segura

The New Frontier in Cybersecurity: Embracing Security as Code

Guest Expert

Ethical Hacking Q&A with Sonya Moisset

Greg Bulmash

Developer Education - GitGuardian Supports Your Learning Style

Dwayne McDaniel

Start your journey to secrets-free source code