Product News
Who Actually Owns This Service Account?
When an NHI is compromised, who do you call? GitGuardian NHI ownership eliminates the guessing game with automatic accountability.
MOST POPULAR
all tags
other
BlueTeamCon 2025: Finding new approaches to security that don’t let perfect stand in the way of better
BlueTeamCon 2025 showed why progress beats perfection in cybersecurity. Explore highlights on visibility, AI safety, collaboration, identity, and pragmatic defense.
The GhostAction Campaign: 3,325 Secrets Stolen Through Compromised GitHub Workflows
On September 5, 2025, GitGuardian discovered GhostAction, a massive supply chain attack affecting 327 GitHub users across 817 repositories. Attackers injected malicious workflows that exfiltrated 3,325 secrets, including PyPI, npm, and DockerHub tokens via HTTP POST requests to a remote endpoint.
Why the Principle of Least Privilege Is Critical for Non-Human Identities
Overprivileged non-human identities expose enterprises to massive risk. Enforcing least privilege with automation and visibility is critical for security.
Automatic Secrets Redaction at Runtime: Building a GitGuardian Lambda Extension
I'm going to show you how to build a Lambda Runtime API extension that automatically scans and redacts sensitive information from your function responses, without touching a single line of your existing function code.
Why Detecting Generic Credentials is a Game Changer
Discover what generic secrets detection is really about, why it's a critical component to build a performant secrets detection engine, and how GitGuardian is tackling this problem.
How to Handle Secrets in Helm
Learn step-by-step techniques and best practices to handle secrets in Helm charts safely and effectively. Level up your Helm deployments today!
Beyond Secrets: How Managed Identities Are Transforming Multicloud Security
Managed identities offer a paradigm shift from "what fo you have"to "who you are" authentication, providing automated, short-lived credentials that eliminate credential sprawl across multicloud environments.
The Nx "s1ngularity" Attack: Inside the Credential Leak
On August 26, 2025, Nx, the popular build platform with millions of weekly downloads, was compromised with credential-harvesting malware. Using GitGuardian's monitoring data, we analyzed the exfiltrated credentials and reconstructed a fuller scope of exposure.
How to Handle Secrets in Docker
DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.
8 steps to manage multiple GitHub accounts | GitGuardian Blog
Any developer has to set up his Git config at least once. Our cheat sheet will help you make this process a breeze, ensuring that you never push with the wrong profile again!
How GitGuardian and Delinea Solve Improper Offboarding of NHIs at Scale
Learn how GitGuardian and Delinea solve the growing problem of improper offboarding for Non-Human Identities (NHIs). Discover why orphaned secrets are a top security risk and how to automate their lifecycle management.
