The State of Secrets Sprawl 2022
In its 2022 report, GitGuardian extends its previous edition focused on public GitHub by depicting a realistic view of the state of secrets sprawl in corporate codebases.
No stone left unturned: detecting custom patterns is now available in GitGuardian.
GitGuardian users can now extend the secrets detection engine and configure custom patterns to detect proprietary secrets and credentials.
Should we target zero false positives?
While scanning millions of documents for secrets, should we really aim at reaching absolute zero or is the story not so simple?
Secrets Detection - Optimizing filter processes
From benchmark analysis, here are our key takeaways on building efficient real-time data filtering pipelines.
Secrets Detection – Tools for reproducible, detailed, and meaningful benchmarks
New series focusing on performance at GitGuardian. Learn how we built the tools to produce meaningful benchmarks and track our improvements in speed over the year.
300. That's how many secrets detectors GitGuardian now runs.
GitGuardian now supports more than 300 secrets detectors, available in both products: GitGuardian for Public GitHub Monitoring and GitGuardian for Internal Repositories Monitoring.
Why detecting generic credentials is a game changer
Discover what generic secrets detection is really about, why it's a critical component to build a performant secrets detection engine, and how GitGuardian is tackling this problem.
Setting up a pre-commit git hook with ggshield, the GitGuardian CLI.
In this tutorial we are going to run through how to create a pre-commit git hook using GitGuardian Shield to detect secrets before they enter your repository.
Implementing a detector at GitGuardian : a use case with MongoDB credentials
This article explains how our research team develops and refines detectors. To illustrate this article, we will take the case of MongoDB credentials.
State of Secrets Sprawl on GitHub - 2021
GitGuardian has been scanning every single public commit made on GitHub for secrets since 2017, now we are releasing our findings in the most comprehensive study on secrets sprawl ever conducted.
Building reliable secrets detection - Secrets in source code (episode 3/3)
This article will expose how our algorithms detect secrets and what we have learnt from scanning, literally, billions of commits.
The Threat of Leaked Credentials in Git Repositories - A discussion between security experts
Secrets including API tokens, passwords and credentials are the keys to the kingdom. Yet storing secrets inside git including GitHub & GitLab is a problem. Security experts discuss why this is & how to solve this.
