Paris, France
Mar 24, 2023   |  By Soujanya Ain
DIY or open-source secrets detection can seem cost-effective and customizable initially... until you start hitting the first obstacles like scalability, developer experience (DX), or deep application security expertise. Read on to find out how GitGuardian can help you rise above these!
Mar 24, 2023   |  By Dwayne McDaniel
Everyone has secrets leakage incidents from time to time, even massive players like GitHub. This is a good reminder we all need to stay vigilant and embrace the right tools to help us stay safe.
Mar 22, 2023   |  By Guest Expert
In this blog post, we'll cover some best practices for managing AWS secrets when using the AWS SDK in Python.
Mar 15, 2023   |  By Guest Expert
DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.
Mar 14, 2023   |  By Dwayne McDaniel
The 18th International Conference on Cyber Warfare and Security gave researchers, policymakers, and security professionals a chance to share findings and ideas. Read the highlights.
Mar 10, 2023   |  By Thomas Segura
A few weeks ago, we had the pleasure of exchanging with Ezequiel Rabinovich, Lemontech's CTO, about how his teams use GitGuardian to protect their secrets.
Mar 8, 2023   |  By Thomas Segura
The report reveals an unprecedented number of hard-coded secrets in new GitHub commits over the year 2022. And much more.
Mar 7, 2023   |  By Ziad Ghalleb
With GitGuardian available on AWS Marketplace, we’re making it easier for all organizations using AWS to protect their software supply chain from exposed secrets and credentials.
Mar 2, 2023   |  By Guest Expert
Protect your business, bounce back from disasters: learn the best practices for a reliable GitHub Restore and Disaster Recovery strategy that ensures business continuity.
Feb 24, 2023   |  By Ziad Ghalleb
This new feature automates assigning severity levels to each incident, allowing security teams to quickly identify the most critical ones and prioritize their response accordingly.
Mar 23, 2023   |  By GitGuardian
In 2022, we scanned a staggering 1.027 billion GitHub commits! How many secrets do you think we found? For the 3rd year in a row, I am excited to share with you the findings of The State of Secrets Sprawl! This report from my team at GitGuardian is the most extensive analysis of secrets exposed in GitHub and beyond!
Mar 23, 2023   |  By GitGuardian
Manual severity assignment requires a case-by-case examination of your open incidents and can be time-consuming for your teams. GitGuardian's severity scoring feature automates this approach, where and when applicable, to the incidents in your workspace so that you can save time on their triaging and prioritization. Automated severity scoring comes in handy after running a historical scan on your perimeter that surfaces hundreds or thousands of incidents. It can help you focus your remediation efforts on the most critical incidents first!
Mar 14, 2023   |  By GitGuardian
In this video, we explore how to securely manage secrets like API keys, passwords, credential pairs, and other sensitive information in python. We run through the basics of using environment variables and move onto more advanced senarios such as managing different secrets for multiple environments.
Mar 13, 2023   |  By GitGuardian
Ransomware is not new, it has been around for more than 30 years but it has changed a lot over the years. This is a snippet from a full webinar on Ransomware with Grzegorz Bak that dives into the most alarming statistics of ransomware and how we can protect ourselves against it. This presentation is thanks to GitProtect which helps make sure your code assets are securely backed up easily.
Mar 9, 2023   |  By GitGuardian
This is a brief overview of the components that make up the architecture behind a Kubernetes cluster with an explanation of what each one does. This is part of a longer webinar with guest expert Tiexin Guo that explains best security practices to harden your Kubernetes clusters.
Mar 8, 2023   |  By GitGuardian
The cloud revolution has taken the world, and programming languages, by storm! In 2022, HCL, the HashiCorp Configuration Language, driven by the popularity of Terraform and Infrastructure-as-Code practices, became the #1 fastest-growing language on GitHub! Who would’ve expected that ten years ago?!
Mar 8, 2023   |  By GitGuardian
How many android applications on the play store are leaking their credentials and secrets! The answer comes from independent research conducted by Cybernews which shows nearly half of all applications on the Play Store are leaking secrets. Vincentas Baubonis, a security researcher from CyberNews joined GitGuardian on a Webinar to detail some research they conducted exploring how android applications are leaking secrets.
Mar 2, 2023   |  By GitGuardian
GitGuardian’s real-time monitoring allows alerts to be sent immediately when an incident is detected. This high-level overview walks you through setting up, configuring, and testing alert integrations.
Mar 2, 2023   |  By GitGuardian
Take a tour of how developers commonly use ggshield, the free and open source GitGuardian CLI to find hardcoded secrets. We will also see how developers participate in the remediation process. In this video demo, see: Learn more at
Feb 24, 2023   |  By GitGuardian
learn how to create AWS Honey Tokens that alert you when someone attempts to use them. Honey tokens are API or access keys that are real but harmless and can be used as an early warning system to know when an intruder has made it into your system. In this video, we run through the simple steps to be able. to create your very own AWS Honey Tokens using an open-source project and all your own infrastructure.
Feb 1, 2023   |  By GitGuardian
This white paper outlines our Secrets Management Maturity Model, a model to help your organization make sense of its actual posture and how to improve it.
Feb 1, 2023   |  By GitGuardian
In this report from Forrester, you will learn how to get better at using Application Security Testing to heighten your developers' security senses.
Jan 1, 2023   |  By GitGuardian
Discover Application Security solutions to further secure the SDLC by implementing automated secrets detection in the DevOps pipeline.
Jan 1, 2023   |  By GitGuardian
In this document, we go beyond classical definitions of DevSecOps to express our vision of an emerging collaboration between Developers, AppSec, and Ops teams: the AppSec Shared Responsibility Model.

GitGuardian is the code security platform for the DevOps generation. With automated secrets detection and remediation, our platform enables Dev, Sec, and Ops to advance together towards the Secure Software Development Lifecycle.

Secure your software development lifecycle with enterprise-grade secrets detection. Eliminate blind spots with our automated, battle-tested detection engine:

  • There’s no secret we can’t find: With hundreds of built-in secret detectors scanning thousands of git repositories, GitGuardian brings everything to light. Build custom detectors to enhance your scans for secrets unique to your organization.
  • Precise, real-time detection without the hassle: High-efficiency detection proven by billions of commits. GitGuardian is fast, robust, and battle-tested — we’ve scanned over 3 billion commits pushed to public GitHub repositories since 2018.
  • Remediation in hours, not days: GitGuardian unites developer and security teams with cross-functional data for in-depth investigation and remediation. Enable shift-left testing using your existing systems, teams, and processes.

Keep secrets out of your source code.