Secrets Management
API Key Security: 7 Enterprise-Proven Methods to Prevent Costly Data Breaches
In this blog, we will navigate through a few enterprise-proven methods to make API key more secure. Read on!
MOST POPULAR
all tags
other
AI Is the New Trust Boundary: STL TechWeek Reveals the Risk Shift
At St. Louis TechWeek 2025, AI took center stage as industry thought leaders shared sessions warning about inputs, data health, and how agents are the new attack surface.
How to Handle Secrets in Docker
DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.
From Alert to Action: Best Practices to Handle Responsible Disclosure
Responsible disclosure is an often overlooked but critical component of cybersecurity alerting processes. Explore key best practices that can enhance communication and collaboration with researchers, turning potential security threats into opportunities for stronger defense.
BSides San Diego 2025: Shifting the Risk Conversation By The Sea Shore
Discover how BSidesSD 2025 challenged traditional GRC, spotlighted data poisoning, and promoted human-driven security insights. Read our highlights from this community event.
The Hidden Breach: Secrets Leaked Outside the Codebase Pose a Serious Threat
Secrets aren't just in code. GitGuardian’s 2025 report shows major leaks in collaboration tools like Slack, Jira, and Confluence. Here’s what security teams need to know.
SnowFROC 2025: A Chilly Reminder That OWASP Matters and Exploring Secure Coding Practices with AI Coding Bots
At Denver's SnowFROC, security pros tackled the importance of OWASP’s evolving Top 10 and exposed the current shortcomings of AI-generated code for production systems.
GitHub Copilot Security and Privacy Concerns: Understanding the Risks and Best Practices
Worried about GitHub Copilot’s security and privacy concerns? Learn about potential risks and best practices to protect yourself and your organization while leveraging AI.
Yes, GitHub's Copilot can Leak (Real) Secrets
Researchers successfully extracted valid hard-coded secrets from Copilot and CodeWhisperer, shedding light on a novel security risk associated with the proliferation of secrets.
GitGuardian's Secret Risk Assessment: Know Your True Exposure For Free
Get a comprehensive GitHub secret risk assessment with GitGuardian. Identify hidden exposures and strengthen your security posture. Start your free scan now!
Keeping Secrets Out of Logs: Strategies That Work
tl;dr: There's no silver bullet for keeping secrets out of logs, but if we put several "lead bullets" in the right places, we have a good chance of success.
A Peek on Cloud Security: JSSI 2025
At JSSI 2025, French IT security experts discussed the cloud's impact on security. Presentations covered strategy and technical analysis. GitGuardian’s researchers shared insights on detecting secrets in the cloud and responsibly disclosing them to companies.
Compromised tj-actions/changed-files GitHub Action: A look at publicly leaked secrets
On March 14, 2025, the popular GitHub action tj-actions/changed-files was compromised, exposing secrets in CI logs. GitGuardian's analysis identified leaked secrets like GitHub tokens, AWS keys, and more.
