AI Is the Newest Developer To Misunderstand Secrets In Your Git History
AI assistants are repeating a common Git mistake: committing fixes that remove secrets only from the latest code, not from repository history. GitGuardian AI Skills can help.
With these skills, any AI coding assistant, including Claude Code, Cursor, or Codex, can now scan code for secrets and provide guided remediation within developer workflows.
Using Cursor, GitHub Copilot, Claude Code, Codex, or another coding agent means giving software access to more than your code. It can also see the credentials available in your workspace, shell, config files, and development environment.
Understand where short-lived credentials reduce risk in agentic systems and where operational complexity requires stronger monitoring and governance controls.
The Mythos-ready briefing names secrets rotation, NHI governance, and honeytokens as critical controls. Zero-days don't replace credential attacks; they accelerate them. Credential security deserves to move up every CISO's priority list.
AI agents need to authenticate with numerous systems, making AI authentication a crucial security boundary that determines blast radius, revocability, and long-term governance risk.
The data from this year's State of Secrets Sprawl report shows that AI is not creating a new secrets problem; it is accelerating every condition that already made secrets dangerous.
Anthropic's Claude Code Security launch sent shockwaves through cybersecurity markets. As GitGuardian's CEO, here's why I believe the real battle has shifted from code vulnerabilities to identity and secrets management in the AI era.
In this article, we will explore the hot topic of securing AI-generated code and demonstrate a technical approach to shifting security left for cloud AI agents by using Model Context Protocol (MCP) tools.
I built a demo showing how to wire up multiple AI agents using Google's Agent Development Kit (ADK) and the A2A protocol, with GitGuardian scanning content for secrets.
We found a path traversal vulnerability in Smithery.ai that compromised over 3,000 MCP servers and exposed thousands of API keys. Here's how a single Docker build bug nearly triggered one of the largest AI supply chain attacks to date.
Why agents break the old model and require rethinking traditional OAuth patterns.