MOST POPULAR
all tags
other
How to Handle Secrets in Jupyter Notebooks
From entering passwords with getpass to using secret managers like AWS Secrets Manager, this guide covers best practices for protecting sensitive information in your notebooks.
Security Starts With Developer Enablement: Lessons From PHP TEK 2025
PHP TEK 2025 revealed how empowering developers through clear, embedded security practices strengthens defenses without adding operational friction.
Building a Secure LLM Gateway (and an MCP Server) with GitGuardian & AWS Lambda
How I wrapped large-language-model power in a safety blanket of secrets-detection, chunking, and serverless scale.
Navigating the New Frontiers of Identity: Insights from KuppingerCole EIC Summit 2025
Discover why machine identities are the new security frontier from KuppingerCole EIC 2025. Learn about secrets sprawl, AI agents, and why traditional IAM fails to protect NHIs in this GitGuardian recap.
Standards for a Machine‑First Future: SPICE, WIMSE, and SCITT
Discover how SPICE, WIMSE, and SCITT are redefining workload identity, digital trust, and software supply chain integrity in modern machine-first environments.
Securing Critical Infrastructure: GitGuardian Partners with ONE-ISAC to Protect Oil & Natural Energy Operations
This collaboration brings GitGuardian's expertise in secrets detection and non-human identity protection to the oil and natural energy sector, addressing unique challenges in operational technology environments.
Fresh From The Docks: Uncovering 100,000 Valid Secrets in DockerHub
This post details the methodology used to scan 15 million Docker images, uncovering a staggering 100,000 valid secrets, including AWS, GCP, and GitHub tokens belonging to Fortune 500 companies. This emphasizes the critical need for improved security practices in containerized environments.
Why Your Biggest Secret Leaks Happen Behind the Firewall: Private vs. Public Repos
Private repos leak plaintext secrets 8x more often than public ones. Learn why internal codebases are the biggest blind spot in your secrets management strategy.
How to Handle Secrets in Terraform
DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.
RSA Conference 2025: How Agentic AI Is Redefining Trust, Identity, and Access at Scale
RSAC 2025 revealed that AI agents are reshaping trust and identity. Learn what top CISOs are doing about it and how the conversation about NHI governance is evolving.
Gartner's Insights: Why Machine Identity Security is Your Next Critical Battlefront
In this blog, we’ll break down why machine identity security is essential, highlight Gartner’s recent research, and connect these insights to real-world issues and solutions discussed in our NHI blog series.
xAI Secret Leak: The Story of a Disclosure
AI adoption accelerates secret sprawl as organizations connect to multiple providers. Our investigation of a leaked xAI API key, which granted access to unreleased Grok models, reveals critical flaws in their disclosure process, highlighting necessary improvements in this domain.
