The Hidden Cost of Secrets Sprawl
Manual secrets management costs organizations $172,000+ annually per 10 developers. Discover the hidden productivity drain, security risks, and how automation can recover at least 1.2 FTE worth of capacity.
Scanning GitHub Gists for Secrets with Bring Your Own Source
Developers treat GitHub Gists as a "paste everything" service, accidentally exposing secrets like API keys and tokens. BYOS lets you scan and monitor these blind spots.
Building Chromegg: A Chrome Extension for Real-Time Secret Detection
Ever accidentally pasted an API key into a web form? Chromegg is our new Chrome extension that scans form fields in real-time, alerting you BEFORE you submit secrets. Open-source & ready to use!
GitGuardian Introduces One-Click Secret Revocation to Accelerate Incident Response
Secure your secrets with GitGuardian's new one-click revocation. Instantly neutralize exposed secrets to close the attack window and automate your incident response.
Detect Secrets in GitLab CI Logs using ggshield and Bring Your Own Source
Discover how to automatically detect secrets in GitLab CI logs using ggshield and GitGuardian's Bring Your Own Source initiative. Learn to set up real-time scanning to prevent credential leaks, enhance compliance, and secure your entire CI/CD pipeline from hidden risks.
How GitGuardian and Delinea Solve Improper Offboarding of NHIs at Scale
Learn how GitGuardian and Delinea solve the growing problem of improper offboarding for Non-Human Identities (NHIs). Discover why orphaned secrets are a top security risk and how to automate their lifecycle management.
Bring Your Own Source: Plug GitGuardian into n8n Workflow in Minutes
Discover how GitGuardian's "Bring Your Own Source" initiative enables security teams to extend secrets detection beyond code repositories, leveraging custom integrations to eliminate a significant hidden attack surface.
Why Most Exposed Secrets Never Get Fixed
Our latest State of Secrets Sprawl 2025 research reveals a troubling reality: the majority of leaked corporate secrets found in public code repositories continue to provide access to systems for years after their discovery.
Why Your Biggest Secret Leaks Happen Behind the Firewall: Private vs. Public Repos
Private repos leak plaintext secrets 8x more often than public ones. Learn why internal codebases are the biggest blind spot in your secrets management strategy.
xAI Secret Leak: The Story of a Disclosure
AI adoption accelerates secret sprawl as organizations connect to multiple providers. Our investigation of a leaked xAI API key, which granted access to unreleased Grok models, reveals critical flaws in their disclosure process, highlighting necessary improvements in this domain.
A Look Into the Secrets of MCP: The New Secret Leak Source
MCP rapidly enhances AI capabilities but introduces security challenges through its distributed architecture. Especially, the distributed nature of MCP requires a lot of NHIs and their secrets. Our research shows that MCP is a new source of leaks that already discloses real-world secrets.
