Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this interview, GitGuardian security researcher Guillaume Valadon breaks down how GitGuardian discovered a public GitHub repository exposing CISA-related secrets, including plain-text passwords, AWS tokens, SAML certificates, CI/CD files, Kubernetes manifests, and internal operational documentation. We discuss how the leak was identified, why exposed secrets can create immediate risk, and how GitGuardian helped escalate the disclosure until the repository was taken offline within 26 hours.

"Malware is created by criminals. They are intending to cause harm. It is not hypothetical. They want you to consume it for nefarious purposes.".

Read the full report here: https://www.gitguardian.com/state-of-secrets-sprawl-report-2026

Read the full report here: https://www.gitguardian.com/state-of-secrets-sprawl-report-2026

While not a new feature, the GitGuardian team has been hard at work making updates to our TokenScanner, the underlying engine that powers GitGuardian's secret scanning ability. This is great news for folks dealing with very large repos and legacy platforms that thousands of developers have touched over the years. Scanning millions of files, attachments, commits, and anywhere else secrets might be hiding takes minutes. Historical scans across petabytes of information, which used to take days, now take less than an hour. What used to take hours takes a few short minutes.

Read the full report here (no email sign up required).

Download the report now, not gated: https://www.gitguardian.com/state-of-secrets-sprawl-report-2026

In April, three major supply chain campaigns hit npm, PyPI, and Docker Hub in just 48 hours, and while the ecosystems were different, the objective was the same: steal credentials from developer environments and CI/CD pipelines. The malware targeted API keys, cloud credentials, SSH keys, GitHub tokens, npm tokens, environment variables, and more, turning developer machines and build systems into high-value credential vaults for attackers.

See how the GitGuardian Assistant helps teams investigate, understand, and remediate secret incidents directly from the GitGuardian workspace. In this preview, Mathieu and Dwayne walk through how the assistant uses incident context, workspace details, and GitGuardian documentation to answer questions, suggest next steps, and help manage incidents through natural language. It can explain threat patterns, assess scope and impact, recommend remediation steps, assign incidents, update tags, and propose changes to incidents.

GitGuardian Workspace Quick Access helps you move through the platform faster with one unified search experience. In this video, we walk through how to open Quick Access with Ctrl+K, or Cmd+K on Mac, search across platform pages and public documentation, navigate results with keyboard shortcuts, and jump directly to the section you need. Quick Access respects your permissions and workspace configuration, so results stay relevant to the pages, features, and docs available to you.