Key Leaks, Vault Failures, and TEE Attacks: Highlights from RWC 2026

What resonated most at RWC 2026? GitGuardian highlights key research on private key leaks, password managers, trusted execution environments, and secret sprawl.

EDITOR’S PICK

The State of Secrets Sprawl 2026: AI-Service Leaks Surge 81% and 29M Secrets Hit Public GitHub

Guillaume Valadon

5 Mar 2026 – 5 min read

all tags

Supply Chain Security

Supply Chain Security: What is SLSA? (Part I)

Attacks on software supply chains have been around for some time, but recently they have evolved into much more dangerous threats. Let's dive into the SLSA framework to understand where supply chain security is headed.

Guest Expert

3 Feb 2023 – 8 min read

Tutorials

Using GGCanary to Create Your Own Honeytokens with Open Source Tools - Complete Tutorial

Honeytokens or Canary Tokens are credentials designed to alert you when an attacker is in your infrastructure. This is a complete tutorial how to create them using only open-source projects.

Mackenzie Jackson

1 Feb 2023 – 10 min read

Product News

Q4 2022 Product Roundup – find and fix hardcoded secrets

Learn more about the challenges awaiting organizations of hundreds to thousands of developers deploying secrets detection and how we're addressing them with our latest feature releases.

Ziad Ghalleb

30 Jan 2023 – 4 min read

Cheat sheets

IAM Best Practices [cheat sheet included]

Download our cheat sheet on IAM, Identity and Access Management, best practices. It will help you make your cloud environments more secure.

Dwayne McDaniel

27 Jan 2023 – 9 min read

Best practices

DevSecOps

How to Handle Secrets in Python

DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.

Guest Expert

25 Jan 2023 – 12 min read

Product News

Azure repos native integration with GitGuardian

DevOps teams and developers can now bring the power of automated secrets detection and remediation to their Azure DevOps repositories.

Soujanya Ain

20 Jan 2023 – 4 min read

Best practices

Top 10 Practices for Secure Software Development

Developer security practices are about adding security at each software development stage. Here’s a list of top developer security practices to follow.

Thomas Segura

18 Jan 2023 – 8 min read

Engineering

10 Tips to Optimize PostgreSQL Queries in Your Django Project

Philippe is back, this time joined by Laurent, to reveal their best tips & tricks to make Django and Postgres the best friends in the world.

Guardians

11 Jan 2023 – 13 min read

Best practices

How To Secure Your CI/CD Pipeline

After CircleCI breach, it is a good moment for any team relying on CI/CD infrastructure to review their pipeline security as there are some steps they can take to be proactive.

Dwayne McDaniel

6 Jan 2023 – 5 min read

Tutorials

Open Policy Agent with Kubernetes - Tutorial (Pt. 2)

This time, we will see how to get a deeper integration between OPA and Kubernetes with Gatekeeper and native CRD-based policies.

Guest Expert

4 Jan 2023 – 8 min read

Secrets detection

GitGuardian Secrets Detectors 2022 Wrap-Up

The GitGuardian team is still striving to provide the broadest secrets detection engine, helping you find and fix all sorts of hardcoded secrets! Learn more about the specific and generic detectors our team has released in 2022 in this post.

Ziad Ghalleb

30 Dec 2022 – 2 min read

Tutorials

Open Policy Agent with Kubernetes - Tutorial (Pt. 1)

Let's get our hands dirty with policy as code and write our first OPA policies for a Kubernetes environment.

Guest Expert

27 Dec 2022 – 3 min read

Key Leaks, Vault Failures, and TEE Attacks: Highlights from RWC 2026

Gaetan Ferry

MOST POPULAR

Trivy’s March Supply Chain Attack Shows Where Secret Exposure Hurts Most

Guillaume Valadon

GitHub Copilot Security and Privacy Concerns: Understanding the Risks and Best Practices

Dwayne McDaniel

EDITOR’S PICK

The State of Secrets Sprawl 2026: AI-Service Leaks Surge 81% and 29M Secrets Hit Public GitHub

Anna Nabiullina

2,622 Valid Certificates Exposed: A Google-GitGuardian Study Maps Private Key Leaks to Real-World Risk

Guillaume Valadon

Supply Chain Security: What is SLSA? (Part I)

Guest Expert

Using GGCanary to Create Your Own Honeytokens with Open Source Tools - Complete Tutorial

Mackenzie Jackson

Q4 2022 Product Roundup – find and fix hardcoded secrets

Ziad Ghalleb

IAM Best Practices [cheat sheet included]

Dwayne McDaniel

How to Handle Secrets in Python

Guest Expert

Azure repos native integration with GitGuardian

Soujanya Ain

Top 10 Practices for Secure Software Development

Thomas Segura

10 Tips to Optimize PostgreSQL Queries in Your Django Project

Guardians

How To Secure Your CI/CD Pipeline

Dwayne McDaniel

Open Policy Agent with Kubernetes - Tutorial (Pt. 2)

Guest Expert

GitGuardian Secrets Detectors 2022 Wrap-Up

Ziad Ghalleb

Open Policy Agent with Kubernetes - Tutorial (Pt. 1)

Guest Expert

Start your journey to secrets-free source code