Secrets detection
Responding to Exposed Secrets - An SRE's Incident Response Playbook
Today, let's take a closer look at incident response playbooks: how to build one, tailor it for secret leaks, take actions, and learn from incidents.
MOST POPULAR
all tags
other
Operationalizing the OWASP AI Testing Guide with GitGuardian: Building Secure AI Foundations Through NHI Governance
Align your AI pipelines with OWASP AI Testing principles using GitGuardian’s identity-based insights to monitor, enforce, and audit secrets and token usage.
Real-World Attack Chains Involving NHIs: Lessons from SecDays France
Based on the talk “The Explosion of Machine Identities: Are You Aware of This Silent Threat?” at SecDays France 2025.
The Role of AI and Compliance in Modern Risk Management: ShowMeCon 2025
The speakers at ShowMeCon 2025 explored why policy isn't protection without validation. AI, identity, and threat detection must align to reduce operational risk.
GitGuardian Partners with GuidePoint Security to Strengthen Application Security Offerings
GitGuardian and GuidePoint Security have partnered to deliver enhanced secrets detection and non-human identity security solutions to North American customers, offering tools to combat secrets sprawl and mismanaged identities.
Securing Your Machine Identities Means Better Secrets Management
Machine identities make up the majority of the over 24 million secrets GitGuardian discovered in public in 2025. Let's look at how we got here and how we fix this.
Automated Guard Rails for Vibe Coding
Vibe coding might sound like a trendy term, but it's really just developing software without automated checks and quality gates. Traditional engineering disciplines have always relied on safety measures and quality controls, so vibe coding should be no different in my honest opinion.
Identiverse 2025: Trust, Delegation, and the Era of Continuous Identity
Identiverse 2025 exposed the urgent need for NHI governance. From AI agents to orphaned credentials, NHIs and their sprawling secrets are today’s most overlooked risks.
How GitGuardian and Akeyless Secure Machine Identities Across Environments
See how GitGuardian's deep discovery, combined with Akeyless's automation, delivers full secrets lifecycle control.
Why Most Exposed Secrets Never Get Fixed
Our latest State of Secrets Sprawl 2025 research reveals a troubling reality: the majority of leaked corporate secrets found in public code repositories continue to provide access to systems for years after their discovery.
Security Isn’t A Solo Sport: Community, Burnout, and Identity at BSides312
At BSides312 in Chicago, experts showed that defending systems requires defending people, with trust, inclusion, and communication as key controls. Defense is deeply human.
How to Handle Secrets in Jupyter Notebooks
From entering passwords with getpass to using secret managers like AWS Secrets Manager, this guide covers best practices for protecting sensitive information in your notebooks.
Security Starts With Developer Enablement: Lessons From PHP TEK 2025
PHP TEK 2025 revealed how empowering developers through clear, embedded security practices strengthens defenses without adding operational friction.
