Why Most Exposed Secrets Never Get Fixed

Our latest State of Secrets Sprawl 2025 research reveals a troubling reality: the majority of leaked corporate secrets found in public code repositories continue to provide access to systems for years after their discovery.

Anna Nabiullina

5 Jun 2025 – 5 min read

Dwayne McDaniel

27 Mar 2025 – 8 min read

How to Handle Secrets in Helm

Tiexin Guo

29 Aug 2024 – 17 min read

EDITOR’S PICK

The State of Secrets Sprawl 2025

Soujanya Ain

11 Mar 2025 – 3 min read

GitGuardian Is Now The Overall Most Installed GitHub Marketplace App

Dwayne McDaniel

10 Mar 2025 – 4 min read

all tags

DevSecOps

How to Handle Secrets in CI/CD Pipelines

Securely managing secrets within the CI/CD environment is super important. Mishandling secrets can expose sensitive information, potentially leading to unauthorized access, data breaches, and compromised systems.

Tiexin Guo

9 Dec 2024 – 9 min read

Engineering

A Deep Dive into Celery Task Resilience, Beyond Basic Retries

How to make your Celery tasks more resilient with best practices to prevent workflow interruptions and handle various failure scenarios.

Guardians

5 Dec 2024 – 9 min read

DevSecOps

The Hidden Challenges of Automating Secrets Rotation: Why Automatic Credential Rotation Isn’t a One-Click Solution

Automating secrets rotation requires maturity and planning. Let's look at how to inventory, scope, and secure credentials without risking downtime or vulnerabilities.

Dwayne McDaniel

3 Dec 2024 – 8 min read

Engineering

MLOps Done Right: GitGuardian's Battle-Tested Open-Source Stack

Our stack to go from experimenting to production won't have any more secrets for you.

Guardians

27 Nov 2024 – 10 min read

Artificial Intelligence

The Quest to Minimize False Positives Reaches Another Significant Milestone

Our breakthrough ML model FP Remover V2 slashes false positives by 80%, setting a new industry standard for secrets detection. Discover how we're helping security teams focus on real threats instead of chasing phantom alerts.

Guardians

25 Nov 2024 – 4 min read

Non-Human Identity

Non-Human Identity Security Strategy for Zero Trust Architecture

Explore NIST-backed guidance on securing Non-Human Identities, reducing risks, and aligning with zero trust principles in cloud-native infrastructures.

Dwayne McDaniel

22 Nov 2024 – 7 min read

Conferences

DevOpsDays Chattanooga 2024: Learning, Laughter, and Innovation

DevOpsDays Chattanooga 2024 delivered key insights on collaboration, security, and agile workflows with engaging talks, ignite sessions, and open discussions.

Dwayne McDaniel

18 Nov 2024 – 5 min read

GitGuardian

Connecting, Collaborating, and Celebrating: Our Global Team Seminar in the South of France

Last September, GitGuardian brought together its 150 Guardians from around the world for a three-day seminar on the beautiful Giens Peninsula in the south of France.

Guardians

17 Nov 2024 – 3 min read

Conferences

Black Alps 2024: Highlights from Switzerland's Cybersecurity Ecosystem

Come for the cybersecurity insights, stay for the raclette! Black Alps 2024 packed in Swiss charm with technical talks, a hacker's raclette dinner, and conference-logo chocolates. A perfect mix of threats, treats, and networking.

Guillaume Valadon

13 Nov 2024 – 4 min read

Conferences

AI Summit Vancouver 2024: Exploring AI's Role, Risks, and Transformative Power

At AI Summit Vancouver, experts explored AI ethics, security practices, and balancing innovation with a responsibility to shape a safer AI-empowered future.

Dwayne McDaniel

8 Nov 2024 – 6 min read

Product News

Prevent Security Breaches in Self-Hosted Environments with GitGuardian's Custom Host for Validity Checks

Stop chasing false positives in your self-hosted instances. With GitGuardian's custom host for validity checks, security teams get real-time insights to prioritize active threats, reduce noise, and prevent costly breaches.

Ferdinand Boas

7 Nov 2024 – 5 min read

Best practices

Security Culture: The Best Tool Money Can’t Buy

Building positive relationships, sharing knowledge effectively, and making security "cool" are some of the most worthwhile security pursuits.

C. J. May

6 Nov 2024 – 6 min read

Why Most Exposed Secrets Never Get Fixed

Anna Nabiullina

MOST POPULAR

GitHub Copilot Security and Privacy Concerns: Understanding the Risks and Best Practices

Dwayne McDaniel

How to Handle Secrets in Helm

Tiexin Guo

EDITOR’S PICK

The State of Secrets Sprawl 2025

Soujanya Ain

GitGuardian Is Now The Overall Most Installed GitHub Marketplace App

Dwayne McDaniel

How to Handle Secrets in CI/CD Pipelines

Tiexin Guo

A Deep Dive into Celery Task Resilience, Beyond Basic Retries

Guardians

The Hidden Challenges of Automating Secrets Rotation: Why Automatic Credential Rotation Isn’t a One-Click Solution

Dwayne McDaniel

MLOps Done Right: GitGuardian's Battle-Tested Open-Source Stack

Guardians

The Quest to Minimize False Positives Reaches Another Significant Milestone

Guardians

Non-Human Identity Security Strategy for Zero Trust Architecture

Dwayne McDaniel

DevOpsDays Chattanooga 2024: Learning, Laughter, and Innovation

Dwayne McDaniel

Connecting, Collaborating, and Celebrating: Our Global Team Seminar in the South of France

Guardians

Black Alps 2024: Highlights from Switzerland's Cybersecurity Ecosystem

Guillaume Valadon

AI Summit Vancouver 2024: Exploring AI's Role, Risks, and Transformative Power

Dwayne McDaniel

Prevent Security Breaches in Self-Hosted Environments with GitGuardian's Custom Host for Validity Checks

Ferdinand Boas

Security Culture: The Best Tool Money Can’t Buy

C. J. May

Start your journey to secrets-free source code