Secrets detection
The State of Secrets Sprawl 2025
GitGuardian's 2025 report reveals 70% of leaked secrets remain active two years later. Discover the alarming state of secrets sprawl & protect your organization.
MOST POPULAR
all tags
other
300. That's how many secrets detectors GitGuardian now runs.
GitGuardian now supports more than 300 secrets detectors, available in both products: GitGuardian for Public GitHub Monitoring and GitGuardian for Internal Repositories Monitoring.
Hardening Your Kubernetes Cluster - Guidelines (Pt. 2)
In this second episode, we will go through the NSA/CISA security recommendations and explain every piece of the guidelines.
Hardening Your Kubernetes Cluster - Threat Model (Pt. 1)
The NSA and CISA recently released a guide on Kubernetes hardening. We'll cover this guide in a three part series. First, let's explore the Threat Model and how it maps to K8s components.
Red Team Chronicles Episode 5 - Alert to Avoid Serious Compromise
For the last installment of our Red Team Chronicles, Philippe Caturegli explains the different phases of a compromise and what should be a priority for security teams.
Why detecting generic credentials is a game changer
Discover what generic secrets detection is really about, why it's a critical component to build a performant secrets detection engine, and how GitGuardian is tackling this problem.
How does Bokeh, the Python Interactive Visualization Library, Secure its Open-Source Repositories?
With 2.5 million monthly downloads, Bokeh has made a name for itself in the world of open-source interactive visualization libraries. Read on to learn how GitGuardian helps Bryan Van de Ven (co-creator and project lead) and contributors protect their repositories against secrets leaks.
Happy 20th Birthday, OWASP!🎂
We're happy to celebrate the 20th birthday of the Open Web Application Security Project, one of the major open-source resources helping developers better understand and practice web security.
You can’t remember if you revoked that secret? We’ll help you verify with Validity Checks.
Today, we’re introducing Validity Checks in GitGuardian for Internal Repositories Monitoring. For each incident, users will now be able to verify if the leaked credentials are still valid — bringing their attention to unresolved incidents.
Red Team Chronicles Episode 4 - No Hidden Information
In this episode, you’ll discover a perfect illustration of the security knowledge gap existing between organizations. Offensive security expert Philippe Caturegli comes across a way too common belief: “nobody will find my scripts or my data because they are very carefully hidden”.
Introducing Presence Checks in GitGuardian for Internal Repositories Monitoring
Today, we’re introducing Presence Checks in GitGuardian for Internal Repositories Monitoring. For each incident in the dashboard, users will now be able to verify if the leaked secret is still present or if it was completely removed from the git history.
Improving the Nation’s Cybersecurity — What is 'Critical Software' and how should it be secured? (part 1)
The National Institute of Standards and Technology (NIST) under Executive Order (EO) 14028 has launched an initiative to improve the United States Cybersecurity on May 12th, 2021.
Security Chats - Danny from a Healthcare Tech Company
Danny and his team have been using both GitGuardian Internal Monitoring and GitGuardian Public Monitoring as a safety net. IT Central Station has interviewed him and wrote an objective and detailed review.
