How We Migrated the Heart of Our Platform to Rust
By rewriting our secret detection engine in Rust, we made our engine more than three times as fast. But not without making it four times slower along the way.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Top 16 Secrets Management Tools and Platforms for 2026 (Compared)
Compare the best secrets management tools for 2026. Reviews of open source, multi-cloud, Kubernetes, and DevOps secrets management solutions for enterprise teams.
Initial Access Changed, The Attack Path Did Not: Findings From The Verizon 2026 DBIR
This year's report shows how credential sprawl across DevOps, SaaS, CI/CD, the cloud, and developer laptops turns initial access into operational impact.
BSides312 2026: Security Basics Under New Pressure
In an AI-assisted development era, the third edition of BSides312 showed why trust, identity, access, evidence, and community remain core to security work.
Grafana and GitHub Breached: The Risk When Private Code Leaks
Code from GitHub and Grafana is in criminal hands. Secrets buried inside could open doors no one is thinking of protecting yet, and AI will make hunting 0-days in that private code faster than ever.
Leaked Kubernetes Secrets: Impact Assessment and Mitigation Strategies
A single leaked Kubernetes credential rarely stays in the cluster. It opens the registry credentials, private Docker images, and private GitHub repositories behind it. In Q1 2026 alone, our detectors caught close to 2,000 new such leaks on GitHub, 28% valid at leak time.
How We Got a CISA GitHub Leak Taken Down in Under a Day
On May 14, GitGuardian found a public GitHub repository called "Private-CISA" — 844 MB of plain-text passwords, AWS tokens, and Entra ID SAML certificates belonging to CISA, exposed since November 2025. Some credentials were still valid. CISA pulled it offline within 26 hours.
San Francisco Secure Software and AppSec Summit 2026: The Next AppSec Operating Model
Security leaders at this SF area Summit examined AI agent risk, dependency governance, stale infrastructure, and the future of secure software.
AI Agents Security for Developers: Don't Let Your Agents Become a Liability
Using Cursor, GitHub Copilot, Claude Code, Codex, or another coding agent means giving software access to more than your code. It can also see the credentials available in your workspace, shell, config files, and development environment.
GitGuardian Now Flags Admin and Overprivileged Identities Across AWS, Entra, and Okta
GitGuardian's NHI Governance now adds privilege context to leaked secrets, auto-escalating admin-level risks for smarter prioritization across AWS, Entra, and Okta. Discover how admin badges and overprivilege detection cut through noise to focus on true blast radius.