GitGuardian's Secrets Risk Assessment: Know Your True Exposure For Free
Go beyond GitHub's scope. Understand the full picture of your secret leaks with GitGuardian, covering public and internal exposures.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Keeping Secrets Out of Logs: Strategies That Work
tl;dr: There's no silver bullet for keeping secrets out of logs, but if we put several "lead bullets" in the right places, we have a good chance of success.
Addressing The Growing Challenge of Generic Secrets: Beyond GitHub's Push Protection
Generic secrets are hard to detect and are getting leaked more often. See how GitGuardian offers advanced protection where GitHub's push protection falls short.
GitGuardian Report: 70% of Leaked Secrets Remain Active for Two Years, Urging Immediate Remediation
GitGuardian releases its comprehensive "2025 State of Secrets Sprawl Report," revealing a widespread and persistent security crisis that threatens organizations of all sizes. The report exposes a 25% increase in leaked secrets year-over-year, with 23.8 million new credentials detected on public GitHub in 2024 alone. Most concerning for enterprise security leaders: 70% of secrets leaked in 2022 remain active today, creating an expanding attack surface that grows more dangerous with each passing day.
The State of Secrets Sprawl 2025
GitGuardian's 2025 report reveals 70% of leaked secrets remain active two years later. Discover the alarming state of secrets sprawl & protect your organization.
Why Understanding Your Secrets is the Key to Faster Remediation
Up to 27 days to fix a leaked secret? We feel your pain. Explore how contextual secrets management helps you take control, cut remediation time, and strengthen your security posture. Don't just detect, understand your secrets.
From Confidence to Competence: The Reality of Secrets Management
The confidence gap in secrets management is real: 75% of organizations feel secure while only 44% of developers follow best practices. Discover what security experts reveal about remediation challenges, responsibility issues, and practical solutions for protecting your most sensitive credentials.
Kubernetes Secrets: How to Use Them Securely
Storing sensitive values is a problem as old as software itself. In 2016, Uber experienced a massive data breach that exposed 57 million users’ personal information—all traced back to a hardcoded AWS credential discovered in a GitHub repository. While we have successfully established that hardcoding secrets such as API keys and passwords is bad practice, correctly storing them is a different story, and the issues from 2016 are still prevalent today (8 years later…).
Nightfall Releases the 2025 State of Secrets Exposure Report
This year's report offers a look at what changed, what stayed the same, and where you can find a little hope in the quest for effective secrets management. While other reports focus on code repositories, Nightfall detects secrets across numerous mission critical SaaS apps and endpoints, giving a more comprehensive picture of leakage trends throughout the development lifecycle. We found secrets in ticketing apps, messaging and collaboration tools, cloud workspaces, and yes, code repositories.
Comparing Secrets Detection Solutions? Here's Why You Should Use the F1 Score
Learn how the F1 score helps you choose the right tool to strengthen your security posture.