Uncovering thousands of unique secrets in PyPI packages
Security Researcher Tom Forbes worked with the GitGuardian team to analyze all the code committed to PyPi packages and surfaced thousands of hardcoded credentials.
![What to do if you expose a secret: How to stay calm and respond to an incident [cheat sheet included]](/content/images/size/w600/2023/11/Remediation-post.png)
What to do if you expose a secret: How to stay calm and respond to an incident [cheat sheet included]
Learn how to respond to a secret leak incident effectively. Follow our step-by-step guide to understand the impact, rotate secrets safely, and prevent future leaks.
Why Automotive Companies Must Prioritize Secrets Detection
Explore the critical role of secrets security in the era of software-driven vehicles. From code leaks to supply chain vulnerabilities, read how safeguarding automotive software is paramount for consumer safety.
Wake-up call: why it's urgent to deal with your hardcoded credentials and secrets
The figures are precise: stolen credentials remain the most common cause of a data breach. So how are there still thousands of hardcoded secrets hiding in source code, CI/CD pipelines, or Docker images, and, more importantly, how should we deal with them?
Elevate your secrets' security with these latest releases in GitGuardian Secrets Detection
Detect real secrets, automate severity scoring, focus on your critical incidents, fix faster with developers, and get the support you deserve from our team of experts!
Why you should look beyond source code for exposed secrets
Learn more about the various sources of exposed secrets beyond source code repositories. From CI/CD systems to container images, runtime environments to project management tools, uncover the risks associated with storing secrets in these sources.
Are Your Company Secrets Safe on GitHub? Here's Why You Need to Request a Complimentary Audit
With a large number of developers, it’s highly likely that your company’s secrets are publicly exposed without your knowledge. Request your audit today and take control of your GitHub security perimeter.
The Secret Vulnerability Finance Execs are Missing
Discover the overlooked vulnerability lurking in every corner of the finance industry. Hardcoded credentials in source code are an easy target for hackers, yet so common they're rarely discussed. Learn what companies can do to protect themselves against costly breaches.
GitGuardian vs. Custom-Built Secrets Detection Tools
DIY or open-source secrets detection can seem cost-effective and customizable initially... until you start hitting the first obstacles like scalability, developer experience (DX), or deep application security expertise. Read on to find out how GitGuardian can help you rise above these!
The State of Secrets Sprawl 2023
The report reveals an unprecedented number of hard-coded secrets in new GitHub commits over the year 2022. And much more.
GitGuardian Secrets Detectors 2022 Wrap-Up
The GitGuardian team is still striving to provide the broadest secrets detection engine, helping you find and fix all sorts of hardcoded secrets! Learn more about the specific and generic detectors our team has released in 2022 in this post.
The State of Secrets Sprawl 2022
In its 2022 report, GitGuardian extends its previous edition focused on public GitHub by depicting a realistic view of the state of secrets sprawl in corporate codebases.
