%term

Fresh From The Docks: Uncovering 100,000 Valid Secrets in DockerHub

May 15, 2025 By Guillaume Valadon In GitGuardian

This post details the methodology used to scan 15 million Docker images, uncovering a staggering 100,000 valid secrets, including AWS, GCP, and GitHub tokens belonging to Fortune 500 companies. This emphasizes the critical need for improved security practices in containerized environments.

Read Post

GitGuardian

Read more about Fresh From The Docks: Uncovering 100,000 Valid Secrets in DockerHub

Why Your Biggest Secret Leaks Happen Behind the Firewall: Private vs. Public Repos

May 13, 2025 By Dwayne McDaniel In GitGuardian

Private repos leak plaintext secrets 8x more often than public ones. Learn why internal codebases are the biggest blind spot in your secrets management strategy.

Read Post

GitGuardian

Read more about Why Your Biggest Secret Leaks Happen Behind the Firewall: Private vs. Public Repos

RSA Conference 2025: How Agentic AI Is Redefining Trust, Identity, and Access at Scale

May 9, 2025 By Dwayne McDaniel In GitGuardian

RSAC 2025 revealed that AI agents are reshaping trust and identity. Learn what top CISOs are doing about it and how the conversation about NHI governance is evolving.

Read Post

GitGuardian

Read more about RSA Conference 2025: How Agentic AI Is Redefining Trust, Identity, and Access at Scale

Why Machine Identity Security is Your Next Critical Battlefront

May 8, 2025 By Anna Nabiullina In GitGuardian

In this blog, we’ll break down why machine identity security is essential, highlight Gartner’s recent research, and connect these insights to real-world issues and solutions discussed in our NHI blog series.

Read Post

GitGuardian

Read more about Why Machine Identity Security is Your Next Critical Battlefront

xAI Secret Leak: The Story of a Disclosure

May 7, 2025 By Gaetan Ferry In GitGuardian

AI adoption accelerates secret sprawl as organizations connect to multiple providers. Our investigation of a leaked xAI API key, which granted access to unreleased Grok models, reveals critical flaws in their disclosure process, highlighting necessary improvements in this domain.

Read Post

GitGuardian

Read more about xAI Secret Leak: The Story of a Disclosure

Q1 2025 Recap: GitGuardian Doubles Down on Secrets Security and Machine Identity Control

May 5, 2025 By Soujanya Ain In GitGuardian

GitGuardian launches new NHI Governance, enhanced synergies with Secret Manager integrations, smarter context analysis, container registry scanning, historical scanning for Jira & Confluence, and more. Take control of your secrets security, and machine identities.

Read Post

GitGuardian

Read more about Q1 2025 Recap: GitGuardian Doubles Down on Secrets Security and Machine Identity Control

Community Resilience as a Security Capability: Lessons from BSides SF 2025

May 1, 2025 By Dwayne McDaniel In GitGuardian

At BSidesSF 2025, speakers made clear: emotional intelligence and trust are no longer soft skills—they are mission-critical defenses.

Read Post

GitGuardian

Read more about Community Resilience as a Security Capability: Lessons from BSides SF 2025

A Look Into the Secrets of MCP: The New Secret Leak Source

Apr 29, 2025 By Gaetan Ferry In GitGuardian

MCP rapidly enhances AI capabilities but introduces security challenges through its distributed architecture. Especially, the distributed nature of MCP requires a lot of NHIs and their secrets. Our research shows that MCP is a new source of leaks that already discloses real-world secrets.

Read Post

GitGuardian

Read more about A Look Into the Secrets of MCP: The New Secret Leak Source

BSides Seattle 2025: Rebuilding Trust in Systems In The Age Of NHIs

Apr 28, 2025 By Dwayne McDaniel In GitGuardian

The BSides Seattle 2025 speakers showed how security and IAM fail under stress and why usable security must consider human limits and machine-scale risk.

Read Post

GitGuardian

Read more about BSides Seattle 2025: Rebuilding Trust in Systems In The Age Of NHIs

The Secrets Sprawl is Worse Than You Think: Key Takeaways from the 2025 Verizon DBIR

Apr 25, 2025 By Dwayne McDaniel In GitGuardian

Discover 10 critical insights from the 2025 Verizon DBIR on secrets leaks, NHI risks, and credential abuse threats affecting today’s cloud-first orgs.

Read Post

GitGuardian

Read more about The Secrets Sprawl is Worse Than You Think: Key Takeaways from the 2025 Verizon DBIR

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Fresh From The Docks: Uncovering 100,000 Valid Secrets in DockerHub

Why Your Biggest Secret Leaks Happen Behind the Firewall: Private vs. Public Repos

RSA Conference 2025: How Agentic AI Is Redefining Trust, Identity, and Access at Scale

Why Machine Identity Security is Your Next Critical Battlefront

xAI Secret Leak: The Story of a Disclosure

Q1 2025 Recap: GitGuardian Doubles Down on Secrets Security and Machine Identity Control

Community Resilience as a Security Capability: Lessons from BSides SF 2025

A Look Into the Secrets of MCP: The New Secret Leak Source

BSides Seattle 2025: Rebuilding Trust in Systems In The Age Of NHIs

The Secrets Sprawl is Worse Than You Think: Key Takeaways from the 2025 Verizon DBIR

Monthly Archive

Follow Us