From Secrets Sprawl to Secretless: Snowflake's Journey through NHI Lifecycle Management
Learn how Snowflake is tackling NHIs, from secrets sprawl to a secretless architecture using GitGuardian for detection and Aembit for prevention.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
GitGuardian Demo: Master Non-Human Identity (NHI) & Secrets Security at Scale
This platform demo shows how to bring order to the chaos of NHIs, reduce risk, and empower your teams to move faster and safer. Discover how GitGuardian finds leaked secrets everywhere (code, CI/CD, docs, containers), enforces policies for NHI governance, and enables efficient, automated remediation. Get critical analytics to improve your security posture. GitGuardian scales with your organization via SaaS or self-hosted options.
GitGuardian Launches MCP Server to Bring Secrets Security into Developer Workflows
GitGuardian, the leader in automated secrets detection and remediation, today announced the launch of its Model Context Protocol (MCP) Server, a powerful new infrastructure designed to bring AI-assisted secrets security directly into developer environments. As intelligent agents begin to reshape the software development landscape, GitGuardian's MCP server marks a pivotal shift in aligning security practices with an environment where code is shipped faster than ever.
GitGuardian Launches its MCP Server: Putting Secrets Security in the Developers' Hands
Empower your developers with GitGuardian's new MCP Server. Embed AI-driven secrets security directly into your IDE, streamline incident remediation, and secure code in real time.
Exploiting Public APP_KEY Leaks to Achieve RCE in Hundreds of Laravel Applications
Laravel APP_KEY leaks enable RCE via deserialization attacks. Collaboration with Synacktiv scaled findings to 600 vulnerable applications using 260K exposed keys from GitHub. Analysis reveals 35% of exposures coincide with other critical secrets including database, cloud tokens, and API credentials.
Agent-Based AI and the Machine Identity Revolution Are Reshaping Security
Is agentic AI the productivity revolution we've been waiting for, or a security nightmare in the making? With AI agents now outnumbering humans and secrets proliferating across enterprise systems, the answer isn't simple. Read our insights from SecDays {France} 2025.
Agents, LLMs, and the Future of Identity for AI
Agents with MCP servers access your services like databases or Google Drive, increasing the risk due to the secrets volume and lack of control. Explore the challenges of governing these autonomous agents and best practices for limiting agent scope and preventing unintended data exposure.
From Chaos to Control: How ML-Driven Prioritization Solves Secrets Leaks
Security teams are still drowning in alerts. Solution? Leverage machine learning to prioritize your secrets risks! Discover how we use proprietary models that analyze the context in which your incidents occur, score their severity level, and generate clear explanations and guidelines that empower your team to focus on what matters most.
A Shocking Look at Secrets Sprawl in DockerHub
This talk reveals insights from a recent campaign that scanned 15 million public DockerHub images and 16 million layers. We downloaded over 30TB of data, uncovering over 100,000 valid secrets providing unauthorized access to protected resources.
When Infostealer Frontiers Meet Identity-Centric Defense: Lessons from BSides SATX 2025
From malware markets to IAM frameworks, BSides SATX 2025 showed why modern security must evolve from static protection to identity-centric, adaptive defense.