Renovate & Dependabot: The New Malware Delivery System

Breach explained

Renovate & Dependabot: The New Malware Delivery System

Recent supply chain attacks stayed live for hours. Automation tools silently merged their malware in minutes. Read how upgrade bots and AI agents became the insider threat.

Gaetan Ferry

10 Apr 2026 – 8 min read

MOST POPULAR

Trivy’s March Supply Chain Attack Shows Where Secret Exposure Hurts Most

Guillaume Valadon

Guillaume Valadon

24 Mar 2026 – 5 min read

GitHub Copilot Security and Privacy Concerns: Understanding the Risks and Best Practices

Dwayne McDaniel

Dwayne McDaniel

27 Mar 2025 – 14 min read

EDITOR’S PICK

The State of Secrets Sprawl 2026: AI-Service Leaks Surge 81% and 29M Secrets Hit Public GitHub

Anna Nabiullina

Anna Nabiullina

17 Mar 2026 – 6 min read

2,622 Valid Certificates Exposed: A Google-GitGuardian Study Maps Private Key Leaks to Real-World Risk

Guillaume Valadon

Guillaume Valadon

5 Mar 2026 – 5 min read

GitGuardian Raises $50M Series C to Address Non-Human Identities Crisis and AI Agent Security Gap

GitGuardian Raises $50M Series C to Address Non-Human Identities Crisis and AI Agent Security Gap

Insight Partners leads round, alongside Quadrille Capital, to accelerate expansion across Americas, EMEA, and strategic verticals

Carole Winqwist

Carole Winqwist

11 Feb 2026 – 4 min read

Engineering at GitGuardian: Our Technical Challenges for 2026

Engineering at GitGuardian: Our Technical Challenges for 2026

At GitGuardian, we protect millions of developers from one of the most common, yet dangerous security mistakes: accidentally exposing secrets in code.

Henri Hubert

10 Feb 2026 – 6 min read

Aligning NHI Governance With Financial Services Regulatory Expectations

Frameworks & Regulations

Aligning NHI Governance With Financial Services Regulatory Expectations

Explore how NHI governance, secrets management, and risk framing support regulatory compliance, audit assurance, and operational resilience in the financial industry

Dwayne McDaniel

Dwayne McDaniel

9 Feb 2026 – 8 min read

Your Secrets Need a VDP, Not Just a Bug Bounty

Your Secrets Need a VDP, Not Just a Bug Bounty

Bug bounty programs are valuable—until they replace disclosure policies. Learn how unreasonable PoC demands or scope exclusions create security blind spots when it comes to leaked secrets.

Gaetan Ferry

6 Feb 2026 – 8 min read

GitGuardian NHI Governance Now Gives More Comprehensive Visibility

Non-Human Identity

GitGuardian NHI Governance Now Gives More Comprehensive Visibility

GitGuardian expands NHI Governance with integrations across cloud IAM, secrets managers, and SaaS platforms for complete machine identity control.

Soujanya Ain

3 Feb 2026 – 6 min read

Agentic AI and Non‑Human Identities Demand a Paradigm Shift In Security: Lessons from NHIcon 2026

Agentic AI and Non‑Human Identities Demand a Paradigm Shift In Security: Lessons from NHIcon 2026

In the race to innovate, software has repeatedly reinvented how we define identity, trust, and access. In the 1990's, the web made every server a perimeter. In the 2010's, the cloud made every identity a workload. Here in 2026, agentic

Dwayne McDaniel

Dwayne McDaniel

30 Jan 2026 – 7 min read

OpenClaw (Moltbot) Personal Assistant Goes Viral – And So Do Your Secrets

Security Research

OpenClaw (Moltbot) Personal Assistant Goes Viral – And So Do Your Secrets

Early 2026, Moltbot a new AI personal assistant went viral. GitGuardian detected 200+ leaked secrets related to it, including from healthcare and fintech companies. Our contribution to Moltbot: a skill that turns secret scanning into a conversational prompt, letting users ask "is this safe?"

Guillaume Valadon

Guillaume Valadon

29 Jan 2026 – 5 min read

Responding to Exposed Secrets - An SRE's Incident Response Playbook

Secrets detection

Responding to Exposed Secrets - An SRE's Incident Response Playbook

Today, let's take a closer look at incident response playbooks: how to build one, tailor it for secret leaks, take actions, and learn from incidents.

Tiexin Guo

27 Jan 2026 – 10 min read

Boards Focus On Risk, Resilience, and Operational Realities: Where NHI Governance Fits In

Non-Human Identity

Boards Focus On Risk, Resilience, and Operational Realities: Where NHI Governance Fits In

Learn how GitGuardian helps boards and CISOs align on cyber risk, operational resilience, and the rising impact of unmanaged workload identities at scale.

Dwayne McDaniel

Dwayne McDaniel

22 Jan 2026 – 9 min read

HMAC Secrets Explained: Authentication You Can Actually Implement

Secrets Management

HMAC Secrets Explained: Authentication You Can Actually Implement

A developer-first guide to implementing HMAC signatures correctly.

Thomas Segura

15 Jan 2026 – 6 min read

GitGuardian Closes 2025 with Strong Enterprise Momentum, Protecting Millions of Developers Worldwide

GitGuardian Closes 2025 with Strong Enterprise Momentum, Protecting Millions of Developers Worldwide

Leading secrets security platform sees accelerated adoption across Fortune 500, with 60% of new customers choosing multi-year commitments.

Carole Winqwist

Carole Winqwist

13 Jan 2026 – 2 min read

What AI Agents Can Teach Us About NHI Governance

Non-Human Identity

What AI Agents Can Teach Us About NHI Governance

Agentic AI is a stress test for non-human identity governance. Discover how and why identity, trust, and access control must evolve to keep automation safe.

Dwayne McDaniel

Dwayne McDaniel

9 Jan 2026 – 7 min read

GitGuardian is the code security platform for the DevOps generation.

With automated secrets detection and remediation, our platform enables Dev, Sec, and Ops to advance together towards the Secure Software Development Lifecycle.

Subscribe to our newsletter to receive the latest content and updates from GitGuardian.

By submitting this form, I agree to GitGuardian's Privacy Policy