Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this video, cybersecurity researcher Guillaume Valadon of GitGuardian breaks down how exposed Laravel APP_KEYs on GitHub can lead to full Remote Code Execution (RCE) in real-world applications. Working in collaboration with Synacktiv, the team uncovered 260,000 exposed keys, validated 600+ vulnerable apps, and revealed that over 35% of leaks also exposed critical credentials like database passwords, cloud storage tokens, and API keys.

This platform demo shows how to bring order to the chaos of NHIs, reduce risk, and empower your teams to move faster and safer. Discover how GitGuardian finds leaked secrets everywhere (code, CI/CD, docs, containers), enforces policies for NHI governance, and enables efficient, automated remediation. Get critical analytics to improve your security posture. GitGuardian scales with your organization via SaaS or self-hosted options.

Agents with MCP servers access your services like databases or Google Drive, increasing the risk due to the secrets volume and lack of control. Explore the challenges of governing these autonomous agents and best practices for limiting agent scope and preventing unintended data exposure.

Security teams are still drowning in alerts. Solution? Leverage machine learning to prioritize your secrets risks! Discover how we use proprietary models that analyze the context in which your incidents occur, score their severity level, and generate clear explanations and guidelines that empower your team to focus on what matters most.

This talk reveals insights from a recent campaign that scanned 15 million public DockerHub images and 16 million layers. We downloaded over 30TB of data, uncovering over 100,000 valid secrets providing unauthorized access to protected resources.

GitGuardian is helping reams respond to and remediate incidents more efficiently than ever, thanks to our new Enhanced email incident alerting controls. While you can configure GitGuardian alerts to integrate with servies like Slack, Teams, PagerDuty, and any other system that can work with JSON and webhooks, Email notifications are still the default way we send alerts.

GitGuardian has introduced custom tags, empowering teams to manage and prioritize secrets incidents and Honeytokens better than ever. GitGuardian has always automatically applied certain predefined tags to help teams identify incidents where, for example, a secret was found in a Default branch, is in a sensitive file, or discovered from a historical scan, just to name a few options.

We allow organizations to discover and remediate exposed Secrets as well as manage NHIs lifecycle across both their internal network and public perimeter (for ex over permissioned, stale secrets, secrets in multiple vaults…). Our unrivaled secrets detection engine is trained and backtested in real-time against +5Bn commits and used by more than 600k developers, it is also the n°1 app on the GitHub Market place. GitGuardian integrates natively with the SDLC (GitHub, Gitlab…) but also with other data sources such as Jira, Slack, ServiceNow, Docker, as secrets leak in all these environments.

GitGuardian is proud to introduce our new Machine Learning-powered Generic Secret Enricher, helping all customers quickly understand the origin and type of discovered generic secrets. The 2025 GitGuardian State of Secret Sprawl report shows that 58% of all detected secrets fall into the generic category.