Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Ship fewer secrets with your code. In this video we walk you through installing and using the GitGuardian IDE extension in Visual Studio Code, Cursor, Antigravity, Windsurf, and any VS Code compatible editor. You will see how the extension uses ggshield, the GitGuardian command line tool, to scan for 500+ types of secrets and catch plaintext credentials as soon as you save a file, long before they can be committed.

GitGuardian users can now revoke certain valid secrets directly from incident pages in seconds, eliminating the need to switch between multiple tools and platforms when the danger is very real. As attackers move faster than ever, security teams and developers need better tools and methods to ensure their most prized secrets can be invalidated in seconds, halting any attackers who might have stolen them or discovered them leaked publicly.

Learn about our NHI Governance capabilities providing complete asset visibility, OWASP Top 10 compliance, and how we're tackling AI challenges where coding agents replicate exposed secrets at scale.

Our security researcher Gaetan Ferry shared his take on the recent supply chain attacks with Mackenzie Jackson @TheSecureDisclosure.

In this video, you will learn how to cut through the noise and prioritize your GitGuardian incidents with confidence. From understanding incident fields to using filters, views, and severity scoring, this walkthrough shows you exactly how to focus on what matters most. Take control of your backlog and streamline remediation to strengthen your team’s security posture. Chapters.

In this video, we'll cover GitGuardian Playbooks and how to manage them in your workspace. We know that time is critical when a secrets incident occurs. That's why our platform allows you to quickly and easily automate steps of the incident response process. We call these automations "Playbooks".

GitGuardian has uncovered GhostAction, a massive supply chain attack targeting 327 GitHub users and 817 repositories. Attackers injected malicious workflows that exfiltrated over 3,325 secrets, including npm, PyPI, and DockerHub tokens. Watch as GitGuardian's Senior Cybersecurity Researcher, Guillaume Valadon breaks down how this campaign unfolded, what was stolen, and what developers need to know to stay safe.

Discover the chilling details of the Nx “s1ngularity” supply chain attack. On August 26, 2025, the massively popular Nx npm package, with millions of weekly downloads, was compromised with credential‑harvesting malware.

In this video, learn how to set up and use GitGuardian’s new MCP (Model Context Protocol) server to bring secrets security and Non-Human Identity (NHI) governance directly into your AI-powered IDE, like Cursor or Claude Desktop. GitGuardian Developer Advocate Dwayne McDaniel shows how to install the MCP server and run real use cases—like scanning for secrets, listing incidents, and creating honeytokens—all from inside your coding environment. Ready to embed security where code is written?

In this video, Dwayne McDaniel, Developer Advocate at GitGuardian, walks you through the workflow security and DevOps teams can follow to investigate and remediate a secret leak using the GitGuardian platform. Whether it’s an exposed API key, token, or internal credential, GitGuardian helps you go from alert to resolution with confidence.