Why Your Biggest Secret Leaks Happen Behind the Firewall: Private vs. Public Repos
Private repos leak plaintext secrets 8x more often than public ones. Learn why internal codebases are the biggest blind spot in your secrets management strategy.
xAI Secret Leak: The Story of a Disclosure
AI adoption accelerates secret sprawl as organizations connect to multiple providers. Our investigation of a leaked xAI API key, which granted access to unreleased Grok models, reveals critical flaws in their disclosure process, highlighting necessary improvements in this domain.
A Look Into the Secrets of MCP: The New Secret Leak Source
MCP rapidly enhances AI capabilities but introduces security challenges through its distributed architecture. Especially, the distributed nature of MCP requires a lot of NHIs and their secrets. Our research shows that MCP is a new source of leaks that already discloses real-world secrets.
The Hidden Breach: Secrets Leaked Outside the Codebase Pose a Serious Threat
Secrets aren't just in code. GitGuardian’s 2025 report shows major leaks in collaboration tools like Slack, Jira, and Confluence. Here’s what security teams need to know.
GitGuardian's Secrets Risk Assessment: Know Your True Exposure For Free
Go beyond GitHub's scope. Understand the full picture of your secret leaks with GitGuardian, covering public and internal exposures.
Addressing The Growing Challenge of Generic Secrets: Beyond GitHub's Push Protection
Generic secrets are hard to detect and are getting leaked more often. See how GitGuardian offers advanced protection where GitHub's push protection falls short.
The State of Secrets Sprawl 2025
GitGuardian's 2025 report reveals 70% of leaked secrets remain active two years later. Discover the alarming state of secrets sprawl & protect your organization.
Comparing Secrets Detection Solutions? Here’s Why You Should Use the F1 Score
Learn how the F1 score helps you choose the right tool to strengthen your security posture.
Why Hedge Funds Must Prioritize Secrets Security
Protect hedge fund assets from secrets-related attacks. Learn how GitGuardian provides visibility and control over secrets and mitigates the risks of hardcoded secrets.
Doomed Keys and Hidden Threats: The Scariest Secrets in Your Repositories
At GitGuardian we see things that no one should ever see. We detect and collect leaked secrets that are so hideous we could lose our sanity. Let us introduce you to some of the most terrifying leaks we saw this year. If you dare.
![Precision & Recall [Security Zines]](/content/images/size/w600/2024/10/Recall-in-Detection.png)
Precision & Recall [Security Zines]
Or how to find a key in a code haystack
The Extent of Hardcoded Secrets: From Development to Production
This blog post provides a data-driven breakdown of where secrets have been discovered in recent years, with detailed examples highlighting the risks, starting from the developer boundary to the lesser-known infrastructure one.
