How We Migrated the Heart of Our Platform to Rust
By rewriting our secret detection engine in Rust, we made our engine more than three times as fast. But not without making it four times slower along the way.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
GitGuardian's VS Code Extension Just Made It Even Easier To Fight Secrets Sprawl
We are excited to announce the release of the GitGuardian Visual Studio Code Extension version 0.23.0! Aside from updating the tool to use the latest version of ggshield, it now can show all findings in a convenient list view int he primary sidebar.
Initial Access Changed, The Attack Path Did Not: Findings From The Verizon 2026 DBIR
This year's report shows how credential sprawl across DevOps, SaaS, CI/CD, the cloud, and developer laptops turns initial access into operational impact.
New in ggshield 1.51: Codex Hooks, MCP Discovery, and SLSA Provenance
ggshield 1.51 is here with better support for AI-powered development and browser-less environments. This release adds Codex hook support, MCP server detection across Claude and Cursor, and `ggshield auth login --method oob` for SSH sessions and headless servers. It also strengthens trust in the ggshield supply chain with GitHub Artifact Attestations for release binaries, improves plugin management through your authenticated GitGuardian instance, adds a `vscode` alias for Copilot hook installation, and shows workspace ID in `ggshield api-status`.
GitGuardian Just Gave AI Coding Agents Secret Detection Skills
AI coding assistants like Claude Code and Cursor are helping developers write more code faster, but that also means more chances for secrets to slip into prompts, files, commits, and tool outputs. GitGuardian’s new open-source **agent-skills** repository teaches AI agents how to use **ggshield** directly inside the developer workflow: when to scan, how to read findings, and how to guide remediation for leaked credentials.
BSides312 2026: Security Basics Under New Pressure
In an AI-assisted development era, the third edition of BSides312 showed why trust, identity, access, evidence, and community remain core to security work.
Grafana and GitHub Breached: The Risk When Private Code Leaks
Code from GitHub and Grafana is in criminal hands. Secrets buried inside could open doors no one is thinking of protecting yet, and AI will make hunting 0-days in that private code faster than ever.
Leaked Kubernetes Secrets: Impact Assessment and Mitigation Strategies
A single leaked Kubernetes credential rarely stays in the cluster. It opens the registry credentials, private Docker images, and private GitHub repositories behind it. In Q1 2026 alone, our detectors caught close to 2,000 new such leaks on GitHub, 28% valid at leak time.