<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Dwayne McDaniel</title>
    <description>The latest articles on DEV Community by Dwayne McDaniel (@dwayne_mcdaniel).</description>
    <link>https://dev.to/dwayne_mcdaniel</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F865016%2Fa8b060e5-eccd-496d-909b-6d9c0a5b0202.jpg</url>
      <title>DEV Community: Dwayne McDaniel</title>
      <link>https://dev.to/dwayne_mcdaniel</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/dwayne_mcdaniel"/>
    <language>en</language>
    <item>
      <title>Shifting Security Left for AI Agents: Enforcing AI-Generated Code Security with GitGuardian MCP</title>
      <dc:creator>Dwayne McDaniel</dc:creator>
      <pubDate>Fri, 26 Jun 2026 12:02:04 +0000</pubDate>
      <link>https://dev.to/gitguardian/shifting-security-left-for-ai-agents-enforcing-ai-generated-code-security-with-gitguardian-mcp-3h6c</link>
      <guid>https://dev.to/gitguardian/shifting-security-left-for-ai-agents-enforcing-ai-generated-code-security-with-gitguardian-mcp-3h6c</guid>
      <description>&lt;p&gt;The rise of AI-powered coding agents promises to revolutionize software development, boosting productivity and accelerating iteration. Over the past year, AI in software development has started to evolve from locally embedded assistants to asynchronous cloud agents. However, this powerful new paradigm introduces a critical, industry-wide challenge: &lt;strong&gt;how do we ensure the code generated by these agents is &lt;em&gt;secure by design&lt;/em&gt;?&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;The DevSecOps approach to code security is a great start. We can still utilize "security gates" like Pull Request (PR) checks and code reviews to help us identify when an agent has introduced a vulnerability. However, now that AI is able to iterate so quickly, these &lt;strong&gt;check-ins have become the new bottleneck&lt;/strong&gt;. Every time an agent pauses to wait for a human to analyze scan results or request changes, it adds a significant amount of time to the development cycle.&lt;/p&gt;

&lt;h1&gt;
  
  
  The Industry Challenge: Securing AI-Generated Code
&lt;/h1&gt;

&lt;p&gt;The fundamental challenge in securing code generated by AI agents stems from the training data that the underlying AI models were trained on. Humans are notoriously bad at writing vulnerability-free code, so LLMs have "learned" a lot from both bad and good examples. This means every line of code an agent suggests has a non-zero probability of introducing a known bad pattern or a vulnerability.&lt;/p&gt;

&lt;p&gt;Developers can get instant vulnerability feedback via IDE plugins, but cloud coding agents like GitHub Copilot operate in isolated environments that are fundamentally incompatible with IDE plugins. This incompatibility makes it challenging to utilize state-of-the-art security tools early in the development cycle.&lt;/p&gt;

&lt;p&gt;Another challenge with securing code was touched on in the introduction. The speed and autonomy of coding agents has completely changed the math on productivity. An agent can generate and commit dozens of complex PRs in the time a human developer would write a few functions. This volume of code overwhelms human developers with manual code reviews and security scan analyses from the CI/CD pipeline, turning them into a choke point.&lt;/p&gt;

&lt;p&gt;The industry needs a solution that can integrate directly into the agent's workflow, identifying and correcting vulnerabilities at the moment the code is being generated or modified, without reliance on human analysis and feedback. GitGuardian MCP provides this capability by acting as an agent-native security tool directly available within the AI development environment.&lt;/p&gt;

&lt;h1&gt;
  
  
  Technical Implementation: Enforcing Security for Coding Agents with MCP
&lt;/h1&gt;

&lt;p&gt;This section provides a step-by-step guide on how to integrate the GitGuardian MCP server directly into GitHub Copilot coding agent's configuration. This setup allows the agent to use the secret_scan tool to perform real-time security checks, ensuring code is secure before it is committed to a Pull Request branch and reviewed by humans.&lt;/p&gt;

&lt;p&gt;If you just want to see the results, you can skip to the Demonstration section below.&lt;/p&gt;

&lt;h2&gt;
  
  
  1. Repository Setup
&lt;/h2&gt;

&lt;p&gt;The first step is to establish an environment for the integration. In this example, we will set up a new empty repository in GitHub.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fvkmp73d9hkc4mynahz35.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fvkmp73d9hkc4mynahz35.png" alt="Repository setup" width="800" height="396"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  2. GitGuardian MCP Server Configuration
&lt;/h2&gt;

&lt;p&gt;To integrate the MCP server, we need to add it to the agent's configuration and ensure the agent has the necessary permissions and network access.&lt;/p&gt;

&lt;p&gt;We will add the GitGuardian MCP server to the &lt;a href="https://docs.github.com/en/copilot/how-tos/use-copilot-agents/coding-agent/extend-coding-agent-with-mcp#writing-a-json-configuration-for-mcp-servers" rel="noopener noreferrer"&gt;Copilot coding agent configuration&lt;/a&gt; as shown below, referencing an environment secret for the personal access token variable (we will create this later).&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight json"&gt;&lt;code&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"mcpServers"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"GitGuardian"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
      &lt;/span&gt;&lt;span class="nl"&gt;"type"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"stdio"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
      &lt;/span&gt;&lt;span class="nl"&gt;"command"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"uvx"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
      &lt;/span&gt;&lt;span class="nl"&gt;"args"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;[&lt;/span&gt;&lt;span class="w"&gt;
        &lt;/span&gt;&lt;span class="s2"&gt;"--from"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
        &lt;/span&gt;&lt;span class="s2"&gt;"git+https://github.com/GitGuardian/ggmcp.git"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
        &lt;/span&gt;&lt;span class="s2"&gt;"developer-mcp-server"&lt;/span&gt;&lt;span class="w"&gt;
      &lt;/span&gt;&lt;span class="p"&gt;],&lt;/span&gt;&lt;span class="w"&gt;
      &lt;/span&gt;&lt;span class="nl"&gt;"env"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
        &lt;/span&gt;&lt;span class="nl"&gt;"ENABLE_LOCAL_OAUTH"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"false"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
        &lt;/span&gt;&lt;span class="nl"&gt;"GITGUARDIAN_PERSONAL_ACCESS_TOKEN"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"COPILOT_MCP_GITGUARDIAN_PERSONAL_ACCESS_TOKEN"&lt;/span&gt;&lt;span class="w"&gt;
      &lt;/span&gt;&lt;span class="p"&gt;},&lt;/span&gt;&lt;span class="w"&gt;
      &lt;/span&gt;&lt;span class="nl"&gt;"tools"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;[&lt;/span&gt;&lt;span class="s2"&gt;"scan_secrets"&lt;/span&gt;&lt;span class="p"&gt;]&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F2poeaxd0x3ilo4jnesxm.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F2poeaxd0x3ilo4jnesxm.png" alt="MCP server configuration" width="800" height="788"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Next, add &lt;a href="https://api.gitguardian.com" rel="noopener noreferrer"&gt;https://api.gitguardian.com&lt;/a&gt; and &lt;a href="https://dashboard.gitguardian.com" rel="noopener noreferrer"&gt;https://dashboard.gitguardian.com&lt;/a&gt; to the Copilot coding agent &lt;a href="https://docs.github.com/en/copilot/how-tos/use-copilot-agents/coding-agent/customize-the-agent-firewall#allowlisting-additional-hosts-in-the-agents-firewall" rel="noopener noreferrer"&gt;internet access custom allowlist&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Flkbyhdh5wfcq50uojnhl.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Flkbyhdh5wfcq50uojnhl.png" alt="Firewall allowlist" width="799" height="374"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  3. Service Account and Secret Management
&lt;/h2&gt;

&lt;p&gt;To authenticate the agent's security scans, a dedicated GitGuardian service account with minimal permissions is required.&lt;/p&gt;

&lt;p&gt;We can set do this in the GitGuardian settings. Create a new service account, and give it "scan" permissions.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F4h7e0a6y7j9x3rf713kk.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F4h7e0a6y7j9x3rf713kk.png" alt="Service account setup" width="800" height="347"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Use the button at the bottom to create the service account and save the new service account's token for a later step.&lt;/p&gt;

&lt;h2&gt;
  
  
  4. Configuring the Environment Secret
&lt;/h2&gt;

&lt;p&gt;The service account's token must be securely stored as an environment secret so that it's only accessible by the Copilot agent's MCP config.&lt;/p&gt;

&lt;p&gt;Go to the GitHub repo's environment settings and navigate to the &lt;a href="https://docs.github.com/en/copilot/how-tos/use-copilot-agents/coding-agent/extend-coding-agent-with-mcp#setting-up-a-copilot-environment-for-copilot-coding-agent" rel="noopener noreferrer"&gt;copilot environment&lt;/a&gt; or create one if it doesn't exist.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fslmybu3qag29no00vlju.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fslmybu3qag29no00vlju.png" alt="Copilot environment settings" width="800" height="363"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Add the environment secret we referenced earlier named COPILOT_MCP_GITGUARDIAN_PERSONAL_ACCESS_TOKEN, and paste the value of the service account token that was created in step 3.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fmyancd5zy0kn8lzy8es2.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fmyancd5zy0kn8lzy8es2.png" alt="Adding the environment secret" width="800" height="575"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fmmk6fhpyygnnwoaqgy55.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fmmk6fhpyygnnwoaqgy55.png" alt="Secret saved" width="667" height="426"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  5. Agent Instructions
&lt;/h2&gt;

&lt;p&gt;The final piece of the setup is instructing the Copilot agent to use the new security tool as part of its standard workflow.&lt;/p&gt;

&lt;p&gt;Create a Copilot instructions document that tells the agent to check all modified code with the secret_scan tool.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F1oxvrm1mtud4oo7nfd9s.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F1oxvrm1mtud4oo7nfd9s.png" alt="Agent instructions" width="799" height="258"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;The GitGuardian MCP server is now set up and ready to be used by the Copilot coding agent.&lt;/p&gt;

&lt;h1&gt;
  
  
  Demonstration: MCP Security Tools in Action
&lt;/h1&gt;

&lt;p&gt;To validate the MCP integration and Copilot's adherence to our new security rules, we can observe the agent's behavior during a typical development task.&lt;/p&gt;

&lt;h2&gt;
  
  
  1. Assign a task to Copilot
&lt;/h2&gt;

&lt;p&gt;First, we will ask Copilot to generate code by creating an issue and assigning it to Copilot. In this example, we are asking for a boilerplate Flask API that supports authentication.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fjy09jqfk356g7ke9bkcp.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fjy09jqfk356g7ke9bkcp.png" alt="Creating an issue for Copilot" width="800" height="351"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;For demonstration purposes, we will explicitly ask Copilot to hardcode the secret key (this is a &lt;strong&gt;contrived example&lt;/strong&gt; to force a finding, but hardcoded secrets may occur without explicit instructions).&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F6g03whbo0b14pyl71nfg.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F6g03whbo0b14pyl71nfg.png" alt="Asking Copilot to hardcode the key" width="654" height="334"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  2. Observe Copilot's behavior
&lt;/h2&gt;

&lt;p&gt;Once assigned a task, Copilot will create a draft PR to track its work. Navigate to the PR and view the coding session to observe its activity in real time.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Feyvmbw9qmhpa5qg42xxo.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Feyvmbw9qmhpa5qg42xxo.png" alt="Copilot draft PR" width="800" height="848"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;When the session kicks off, we can see the GitGuardian MCP server starting up.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Flzv1km7fjlerknf8xq7x.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Flzv1km7fjlerknf8xq7x.png" alt="MCP server starting up" width="800" height="235"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;As the agent implements the Flask API, we can see it has hardcoded the secret key.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F8vjrbtfybtowq187e7vc.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F8vjrbtfybtowq187e7vc.png" alt="Hardcoded secret key" width="758" height="555"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Once Copilot is done making changes, it calls the secret_scan tool as instructed and finds the hardcoded secret key.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F7ru89rth8dbb9jkol1mk.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F7ru89rth8dbb9jkol1mk.png" alt="Secret scan finding" width="799" height="915"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Because we explicitly asked Copilot to hardcode the secret to demonstrate this example, the agent only adds warnings instead of actually remediating the issue. &lt;strong&gt;In a real scenario, Copilot would not have conflicting instructions about how to handle the secret findings and would remediate the issue automatically.&lt;/strong&gt;&lt;/p&gt;

&lt;h1&gt;
  
  
  Conclusion
&lt;/h1&gt;

&lt;p&gt;In this blog post, we demonstrated how GitGuardian MCP can be used to &lt;strong&gt;shift security left&lt;/strong&gt; in the absence of traditional security tools like IDE plugins. While hardcoded secrets are a prevalent and critical finding, the challenge of securing AI-generated code extends beyond secret exposure. This approach of providing agents with state-of-the-art security tools should be replicated to automate the detection and resolution of many issues.&lt;/p&gt;

&lt;p&gt;Agents, like humans, aren't perfect, but we can secure AI-generated code. By embedding security directly into the AI agent's control plane and instructions, organizations can enforce security checks at the earliest possible stage, significantly accelerating the safety and productivity of agentic software development.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://www.gitguardian.com/interactive-demo" rel="noopener noreferrer"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmfcl8kw7m7jyjajdbra1.png" alt="GitGuardian Interactive Demo" width="800" height="332"&gt;&lt;/a&gt;&lt;/p&gt;

</description>
      <category>security</category>
      <category>ai</category>
      <category>devsecops</category>
      <category>github</category>
    </item>
    <item>
      <title>Protecting Developers Means Protecting Their Secrets</title>
      <dc:creator>Dwayne McDaniel</dc:creator>
      <pubDate>Thu, 25 Jun 2026 16:57:12 +0000</pubDate>
      <link>https://dev.to/gitguardian/protecting-developers-means-protecting-their-secrets-1kgi</link>
      <guid>https://dev.to/gitguardian/protecting-developers-means-protecting-their-secrets-1kgi</guid>
      <description>&lt;p&gt;When most people think of "Enterprise Security," they immediately think of hardened data centers, locked-down cloud environments, and SOC teams watching dashboards late into the night. They picture firewalls, SIEM alerts, and tightly controlled production systems.&lt;/p&gt;

&lt;p&gt;What they rarely picture is the most active piece of enterprise infrastructure in the company: the developer workstation. Yet that laptop is where credentials are created, tested, cached, copied, and reused across services, bots, build tools, and now local agents. Attackers have noticed.&lt;/p&gt;

&lt;p&gt;Let's take a closer look at how developers have become the entry point for evolving supply chain attacks and what we can do about it.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why Developers Have Become Targets For Supply Chain Attacks
&lt;/h2&gt;

&lt;p&gt;Developers have always been attractive targets for attackers. To do their work, devs need access to internal systems and codebases, and attackers have always tried to leverage that access. In the past, that often meant physical theft, shoulder-surfing, risky Wi-Fi, or waiting for a developer to accidentally commit a secret publicly. Credentials were issued more deliberately, usually as long-lived API keys, with the expectation that the developer would guard them against human-scale snooping and loss.&lt;/p&gt;

&lt;p&gt;But the developer reality has changed. Today, developers regularly create and connect new credentials for services, bots, build systems, agents, and every other kind of non-human identity (NHI). Approval workflows can not keep up with escalating delivery pressure, so many developers create "temporary" credentials to get things working quickly. Those get stored in local .env files and other plaintext configs, which still feel "safe" because they are on their own machines.&lt;/p&gt;

&lt;h3&gt;
  
  
  Adversaries Evolved Right Alongside Enterprise IT
&lt;/h3&gt;

&lt;p&gt;Attackers no longer need physical access to a laptop or Remote Desktop Protocol (RDP) connections. Instead, they slip into the toolchain. The &lt;a href="https://blog.gitguardian.com/shai-hulud-2/" rel="noopener noreferrer"&gt;Shai-Hulud campaigns combined dependency compromise&lt;/a&gt; with systematic local environment harvesting. The attack involved harvesting local environment data, running structured secret scans, and exfiltrating what they found at scale, with the same valid secret often duplicated across many locations.&lt;/p&gt;

&lt;p&gt;And now, AI agents can be turned into accomplices. For example, the &lt;a href="https://blog.gitguardian.com/the-nx-s1ngularity-attack-inside-the-credential-leak/" rel="noopener noreferrer"&gt;S1ngularity attack&lt;/a&gt; used malware that weaponized local AI agents to facilitate credential theft, starting from a familiar supply-chain entry point. Ecosystems like &lt;a href="https://blog.gitguardian.com/moltbot-personal-assistant-goes-viral-and-so-do-your-secrets/" rel="noopener noreferrer"&gt;OpenClaw&lt;/a&gt; normalize installing "skills" that can include links, scripts, and copy/paste commands, turning documentation into an execution path on machines holding enterprise credentials.&lt;/p&gt;

&lt;p&gt;No matter how the malicious code is executed on the machine, the net result is the same: attackers are not just trying to steal code, they are trying to steal the locally stored secrets that unlock everything else. Any theft of valid credentials brings a much higher risk of unauthorized access, exactly what security leads are worried about.&lt;/p&gt;

&lt;h2&gt;
  
  
  Reducing Risk On Development Machines
&lt;/h2&gt;

&lt;p&gt;Let's take a closer look at some steps and best practices you can implement right now, and some longer-term strategies you can adopt to mitigate the risks that secrets on the developer workstation can pose.&lt;/p&gt;

&lt;h3&gt;
  
  
  Understand Your Exposure
&lt;/h3&gt;

&lt;p&gt;Start with visibility on the developer machine, because attackers do not need a dramatic intrusion when secrets are already sitting in plaintext across workspaces and tool caches. You need to treat the workstation as the primary environment for secrets scanning, not an afterthought.&lt;/p&gt;

&lt;p&gt;In practice, that means running scans with &lt;a href="https://www.gitguardian.com/ggshield" rel="noopener noreferrer"&gt;ggshield, the command-line tool that extends the power of the GitGuardian platform&lt;/a&gt; to the developer's terminal, to identify secrets in obvious and not-so-obvious places.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fjxh1peyi0t63pd7wg1zd.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fjxh1peyi0t63pd7wg1zd.png" alt="ggshield detecting a secret in a specific file from a path" width="800" height="305"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;ggshield detecting a secret in a specific file from a path&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;Of course, you should scan local repositories to catch credentials that slipped into the code and to detect anything still lingering in Git history. Once committed, even if removed in the next commit, secrets remain in your shared repository's history forever.&lt;/p&gt;

&lt;p&gt;You should also scan across the filesystem paths where secrets accumulate outside Git, because that is where most of the real exposure lives. Project workspaces, dotfiles, and build output are the obvious culprits, but agent folders matter just as much now. Local agents generate logs, caches, and "memory" stores that often include pasted tokens, copied config blocks, and troubleshooting output.&lt;/p&gt;

&lt;p&gt;Even when a developer never commits a secret, those "other" folders and files can still become a reliable second source of plaintext credentials sitting on disk.&lt;/p&gt;

&lt;h4&gt;
  
  
  Don't Forget Environment Variables
&lt;/h4&gt;

&lt;p&gt;Do not assume environment variables are "safe" just because they are not in Git. On developer machines, environment variables are often persisted and duplicated in ways that are easy to forget and easy for malware to harvest.&lt;/p&gt;

&lt;p&gt;Shell profiles, terminal session files, local run scripts, devcontainer configs, IDE settings, and generated artifacts can all end up storing environment values on disk, sometimes indefinitely.&lt;/p&gt;

&lt;p&gt;Treat these locations as part of your normal exposure surface, and scan for them the same way you scan repos and workspaces, because attackers are increasingly harvesting local environment data as a direct path to valid credentials.&lt;/p&gt;

&lt;h4&gt;
  
  
  Stop the Bleed
&lt;/h4&gt;

&lt;p&gt;Once you start scanning locally, add &lt;strong&gt;ggshield pre-commit hooks&lt;/strong&gt; so you stop creating new leaks while you clean up the old ones. This turns secret detection into a default guardrail that runs as part of normal work, catching mistakes immediately and giving developers a clear next step to fix the issue before it turns into an incident.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F5vjozrks3tk8os88n807.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F5vjozrks3tk8os88n807.png" alt="ggshield pre-commit command catching a secret" width="800" height="372"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;ggshield pre-commit command catching a secret&lt;/em&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  Move Valid Secrets Into A Vault Or Password Manager
&lt;/h3&gt;

&lt;p&gt;Stop making &lt;code&gt;.env&lt;/code&gt; files the place where "real" values live. Keep a tracked .env.example (or similar) with variable names and safe placeholders. From there, switch local runs to pull values at execution time from your vault or password manager, so the secret only exists in the process environment for the moment it is needed.&lt;/p&gt;

&lt;p&gt;For example, if your team uses 1Password, the practical pattern is to store project secrets in a shared vault or an Environment, then launch your app with secrets injected at runtime using the CLI. &lt;a href="https://developer.1password.com/docs/cli/reference/commands/run/" rel="noopener noreferrer"&gt;1Password documents&lt;/a&gt; using &lt;code&gt;op run&lt;/code&gt; to run a command with secrets available only as environment variables for that subprocess, and &lt;code&gt;op inject&lt;/code&gt; when you need to resolve secret references in config templates without keeping plaintext values sitting around.&lt;/p&gt;

&lt;p&gt;If your team has already invested in &lt;a href="https://www.conjur.org/" rel="noopener noreferrer"&gt;CyberArk Conjur&lt;/a&gt;, for example, the pattern looks very similar with their command-line tool &lt;code&gt;summon&lt;/code&gt; which is explicitly built to load secrets from a secret store into a subprocess environment. You keep a small secrets.yml mapping environment variable names to Conjur variables, then run your app with &lt;code&gt;summon -p summon-conjur -- &amp;lt;command&amp;gt;&lt;/code&gt; so the values are pulled from Conjur just-in-time and never need to live in plaintext files on disk.&lt;/p&gt;

&lt;p&gt;There is another benefit to this approach: governance. Once inside a secrets manager, your security and operations team can start tracking the state of these secrets with tools like &lt;a href="https://www.gitguardian.com/nhi-governance" rel="noopener noreferrer"&gt;GitGuardian's NHI Governance platform&lt;/a&gt;, checking for policy breaches against the riskiest states, as defined by &lt;a href="https://blog.gitguardian.com/owasp-top-10-non-human-identity-risks/" rel="noopener noreferrer"&gt;OWASP's Top 10 for NHIs&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fxstr7yosc4eoh66ww575.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fxstr7yosc4eoh66ww575.png" alt="GitGuardian Analytics showing the state of secrets being monitored" width="800" height="298"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;GitGuardian Analytics showing the state of secrets being monitored&lt;/em&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  When .env Is Required, Use SOPS and Embrace a Global .gitignore
&lt;/h3&gt;

&lt;p&gt;Sometimes an &lt;code&gt;.env&lt;/code&gt; file is the simplest way to run a service locally, and pretending otherwise just pushes developers into weirder, less visible workarounds. The goal is not to ban .env. The goal is to stop plaintext secrets from becoming durable artifacts that linger on disk. When .env is required, treat it as a controlled exception, then wrap it in guardrails that make the safe path the easy path.&lt;/p&gt;

&lt;p&gt;First, when a team truly needs to keep environment values in a file for repeatable local setup, use &lt;a href="https://blog.gitguardian.com/a-comprehensive-guide-to-sops/" rel="noopener noreferrer"&gt;SOPS so the file is encrypted at rest&lt;/a&gt; and can be safely stored and shared without being usable by an attacker. The developer experience stays familiar, but the risk profile changes because secrets are no longer sitting in plaintext.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://blog.gitguardian.com/secrets-management-guide" rel="noopener noreferrer"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fctn769ulv6jtnr6tbg3l.png" alt="SOPS guidance from the Secrets Management Guide resource" width="800" height="527"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;SOPS guidance from the &lt;a href="https://blog.gitguardian.com/secrets-management-guide" rel="noopener noreferrer"&gt;Secrets Management Guide resource&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;Next, adopt a global &lt;code&gt;.gitignore&lt;/code&gt; that ignores .env and the other usual local-only files across every repo a developer touches. This can easily be done by &lt;a href="https://www.freecodecamp.org/news/gitignore-what-is-it-and-how-to-add-to-repo/" rel="noopener noreferrer"&gt;editing your git config&lt;/a&gt; to use a defined .gitignore file, where you can specify file names and entire file types that git should not add to any commit. This is how you prevent the muscle-memory mistake of &lt;code&gt;git add .&lt;/code&gt; or &lt;code&gt;git add -A&lt;/code&gt; sweeping up a credential file during a busy day.&lt;/p&gt;

&lt;p&gt;This is the posture shift you want to communicate: .env is OK as a workflow, plaintext .env is not fine as a storage model. A global ignore reduces accidental commits, and SOPS reduces the damage when files are copied, backed up, or otherwise exposed.&lt;/p&gt;

&lt;h3&gt;
  
  
  Treat Agentic AI Like a Secret-Leaking Machine Until Proven Otherwise
&lt;/h3&gt;

&lt;p&gt;Agentic tools feel like productivity helpers, but operationally, they behave more like a new kind of automation account that can read files, run commands, and move data between systems. Treat them that way from day one.&lt;/p&gt;

&lt;p&gt;With OpenClaw-style agents, the "memory" is not an abstract concept. It is literally files on disk, commonly &lt;code&gt;SOUL.md&lt;/code&gt; and &lt;code&gt;MEMORY.md&lt;/code&gt;, stored in predictable locations and often in plain text. That changes the risk model for developers because anything you paste into an agent session, plus anything the agent decides to remember, can become a durable local artifact that other malware can simply steal.&lt;/p&gt;

&lt;p&gt;Never paste credentials into agent chats, never teach the agent secrets "for later," and treat agent memory files as sensitive data stores that must be kept secret-free and routinely reviewed and scrubbed.&lt;/p&gt;

&lt;p&gt;When scanning for secrets, we must take these new files and workflows into account.&lt;/p&gt;

&lt;h3&gt;
  
  
  Eliminate Whole Classes of Secrets with WebAuthn and OIDC
&lt;/h3&gt;

&lt;p&gt;The other suggestions so far have been very achievable in the short term. Let's now look at longer-term strategies. For most teams, these changes usually mean changing how people log in, how services authenticate, and how platforms are wired together. It also pays off the most. The fastest way to reduce secret sprawl is not to store secrets "better," it is to remove the need for entire categories of shared secrets in the first place.&lt;/p&gt;

&lt;p&gt;On the human side, WebAuthn (passkeys) replaces passwords and a lot of the brittle recovery and MFA bypass paths that attackers love. On the workload side, &lt;a href="https://blog.gitguardian.com/oidc-for-developers-auth-integration/" rel="noopener noreferrer"&gt;OIDC federation&lt;/a&gt; replaces long-lived cloud keys and service account secrets with short-lived tokens issued at runtime.&lt;/p&gt;

&lt;p&gt;The practical way to roll this out is in slices. Start with the highest-risk paths where leaked credentials hurt the most, then expand. Move developer access to passkeys as teams adopt compatible identity providers and devices. In parallel, migrate CI and deployment workflows to OIDC-based auth so pipelines stop relying on stored cloud keys, registry tokens, and shared secrets.&lt;/p&gt;

&lt;p&gt;This is a program, not a weekend task, but every piece you migrate is one less secret that can leak from a workstation, a repo, or an agent's local memory.&lt;/p&gt;

&lt;h3&gt;
  
  
  Move To Ephemeral Secrets And Identity-Based Authentication Workflows
&lt;/h3&gt;

&lt;p&gt;If you cannot eliminate secrets yet, the next best move is to make them short-lived, narrowly scoped, and automatically replaced. Ephemeral credentials change the economics of theft. A token that expires quickly and cannot do much is far less useful than a long-lived key that sits quietly on disk for months. This is how you reduce the blast radius when a developer machine gets hit by a dependency compromise or an infostealer.&lt;/p&gt;

&lt;p&gt;This is also where &lt;a href="https://blog.gitguardian.com/getting-started-with-spiffe/" rel="noopener noreferrer"&gt;SPIFFE fits cleanly into the story&lt;/a&gt;. SPIFFE is built around issuing short-lived cryptographic identity documents called SVIDs (either X.509 certificates or JWTs) to workloads, so services can authenticate using identities that rotate automatically instead of relying on static API keys embedded in configs.&lt;/p&gt;

&lt;p&gt;In rollout terms, "ephemeral by design" means you deliberately replace the worst offenders first. Start with long-lived cloud keys, deployment tokens, and service credentials that developers or runners keep locally for convenience. Shift those paths to short-lived tokens, automatic rotation, and workload identity patterns like SPIFFE/SPIRE wherever they fit. Each migration is one less durable secret that can be stolen, reused, and quietly weaponized later.&lt;/p&gt;

&lt;h2&gt;
  
  
  Closing the Developer Secret Gap
&lt;/h2&gt;

&lt;p&gt;Developer workstations are part of the software supply chain, sitting at the intersection of rapid delivery, expanding NHI creation and use, and local automation tools. This is exactly why attackers have shifted their tactics. They no longer need to wait for a secret to be pushed to a repo or gain hands-on access to a laptop.&lt;/p&gt;

&lt;p&gt;If a credential exists in plaintext anywhere on the machine, including build output, dotfiles, and agent "memory" files, it can be harvested and reused to unlock systems that were never meant to be reachable from a single endpoint compromise.&lt;/p&gt;

&lt;p&gt;GitGuardian is here to help. The GitGuardian platform is built to help teams eliminate secrets sprawl across the full surface area where it appears, from source code to developer machines to emerging agent workflows. With ggshield as the developer-side control plane and platform-backed detection, remediation, and governance, teams can move from occasional cleanup to continuous prevention.&lt;/p&gt;

&lt;p&gt;The end goal is smaller exposure, shorter secret lifetimes, and fewer opportunities for attackers to turn one compromised developer environment into enterprise-wide access. &lt;a href="https://www.gitguardian.com/book-a-demo" rel="noopener noreferrer"&gt;We would love to help you on your journey&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://www.gitguardian.com/interactive-demo" rel="noopener noreferrer"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmfcl8kw7m7jyjajdbra1.png" alt="GitGuardian Interactive Demo" width="800" height="332"&gt;&lt;/a&gt;&lt;/p&gt;

</description>
      <category>security</category>
      <category>devsecops</category>
      <category>appsec</category>
      <category>devops</category>
    </item>
    <item>
      <title>Claude Code Security: Why the Real Risk Lies Beyond Code</title>
      <dc:creator>Dwayne McDaniel</dc:creator>
      <pubDate>Tue, 23 Jun 2026 12:50:25 +0000</pubDate>
      <link>https://dev.to/gitguardian/claude-code-security-why-the-real-risk-lies-beyond-code-57op</link>
      <guid>https://dev.to/gitguardian/claude-code-security-why-the-real-risk-lies-beyond-code-57op</guid>
      <description>&lt;p&gt;Many cybersecurity professionals have been following Anthropic's announcement about the release of Claude Code Security on Friday. This created the beginning of a panic on the cybersecurity stock market. It also raised a lot of questions from domain experts, investors and security enthusiasts.&lt;/p&gt;

&lt;h3&gt;
  
  
  Anthropic's announcement
&lt;/h3&gt;

&lt;p&gt;Anthropic introduces Claude Code Security: a tool that scans full codebases for security vulnerabilities, and can propose fixes directly in developer workflows. The tool leverages the latest foundational model's reasoning capabilities to provide a new experience. In a world where code will be generated only by AI, this can sound very much like &lt;strong&gt;code security is dead.&lt;/strong&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Our vision
&lt;/h2&gt;

&lt;p&gt;18 months ago, SAST, SCA, and IaC security were areas where we had real traction and could see ourselves expanding. But as AI tooling started reshaping how code gets written, we made a tough call. We decided to stop these initiatives and go all-in on what we believed would matter most: &lt;strong&gt;Protecting enterprises against leaked secrets and mismanaged NHIs&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;We envisioned a future where &lt;strong&gt;identity is crucial for the AI era security, with secrets enabling AIs to access data and take actions&lt;/strong&gt;. After pioneering in secrets detection for years we witnessed how amplified the problem became as LLM emerged: more API keys for AI services, more code generated, often less secure, more agents requiring sophisticated access to a myriad of tools. &lt;strong&gt;All in all, this resulted in more secrets exposed. Yet the problem of overseeing and managing these secrets in a secure way remains unsolved.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;The paradigm shifted from human hardcoding secrets in their code, to AIs having wide access levels on several systems with humans, coders and non-coders, prompting them and creating new vulnerabilities.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;18 months later, let me describe where we stand.&lt;/em&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  What isn't changing
&lt;/h2&gt;

&lt;h3&gt;
  
  
  Best in class secrets detection
&lt;/h3&gt;

&lt;p&gt;GitGuardian is &lt;strong&gt;the leader in secrets detection&lt;/strong&gt;. We are the only solution able to &lt;strong&gt;scan large volume of data at scale (50 MB/s per core at negligible cost) in addition to +30 different data sources&lt;/strong&gt; (ticketing systems, messaging apps, container registries, …).&lt;/p&gt;

&lt;p&gt;Our latest State of Secrets Sprawl report (will be released in March) clearly shows that AI-assisted coding has boomed over the last 12 months, with &lt;strong&gt;the number of AI generated commits growing a 10x factor over the past year.&lt;/strong&gt; We also see that these commits used to contain more secrets in the first half of 2025; however, the number of secrets per commit started decreasing at the end of the year, probably reflecting the improvements of foundational models.&lt;/p&gt;

&lt;h3&gt;
  
  
  Remediation is where the real work begins
&lt;/h3&gt;

&lt;p&gt;Our value proposition is very different from static analysis, or vulnerabilities in dependencies. &lt;strong&gt;Remediating a secret exposure is a hard problem&lt;/strong&gt;: One that involves manual actions and human control. &lt;strong&gt;It's not just about fixing the code.&lt;/strong&gt; &lt;strong&gt;It's about not breaking production, mapping the infrastructure, assessing the blast radius of a secret rotation and coordinating this effort across your org.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;GitGuardian has been spending the last 7 years exploring and pioneering in this area.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Because secrets are not only a vulnerability when they are exposed but also when they are mismanaged&lt;/strong&gt;, a year ago, we released &lt;a href="https://www.gitguardian.com/nhi-governance" rel="noopener noreferrer"&gt;&lt;strong&gt;NHI governance&lt;/strong&gt;&lt;/a&gt;: a product specifically aiming at providing a 360 view of how your secrets are spread and used in your org. We're not only looking at leaked secrets, but thanks to &lt;a href="https://www.gitguardian.com/ggscout" rel="noopener noreferrer"&gt;ggscout&lt;/a&gt;, we are able to also observe the dissemination of your secrets across servers, apps and vaults with context.&lt;/p&gt;

&lt;p&gt;You cannot manage what you can't see. You need this inventory to remediate leaked secrets and spot weaknesses in your organization. Secrets used across multiple environments, overpermissioned, not being rotated, exposed publicly or sprawling across all your vaults.&lt;/p&gt;

&lt;h2&gt;
  
  
  Enterprises are not looking for point solutions
&lt;/h2&gt;

&lt;p&gt;One key learning we have seen in the past is the importance of being able to orchestrate your identities security, at scale. Serving Fortune 500 enterprises for the past 7 years has taught us that point solutions are not enough. Our customers are looking for a unified experience with several key capabilities.&lt;/p&gt;

&lt;p&gt;Think integrations with multiple data sources, notifications, aggregated analytics and metrics, RBAC, users management, fine tuning and customization.&lt;/p&gt;

&lt;p&gt;This is what we are proposing at GitGuardian.&lt;/p&gt;

&lt;h3&gt;
  
  
  Emerging threats, new horizons
&lt;/h3&gt;

&lt;p&gt;In the past months, GitGuardian has been pushing in several directions to provide an even better security posture as the attack surface grows.&lt;/p&gt;

&lt;p&gt;We believe that endpoint security becomes critical. &lt;strong&gt;Developers' laptops are the next frontier for attackers&lt;/strong&gt;. We've seen the emergence of sophisticated attacks (such as &lt;a href="https://blog.gitguardian.com/the-nx-s1ngularity-attack-inside-the-credential-leak/" rel="noopener noreferrer"&gt;&lt;strong&gt;NX/s1ngularity&lt;/strong&gt;&lt;/a&gt; or &lt;a href="https://blog.gitguardian.com/shai-hulud-2/" rel="noopener noreferrer"&gt;Shai-hulud&lt;/a&gt;) that specifically took advantage of machines weaknesses.&lt;/p&gt;

&lt;p&gt;This is why we built our &lt;a href="https://www.gitguardian.com/agentic-ai-security#secure-developer-endpoints" rel="noopener noreferrer"&gt;local scanning and identities inventory tool&lt;/a&gt;. This solution is the ultimate tool for security engineers to get a clear understanding of which machines hold which secrets. You can deploy it across your workforce via an MDM, and GitGuardian will re-surface all the weaknesses and points of attention: overprivileged credentials, production credentials ending up on a developer's laptop.&lt;/p&gt;

&lt;p&gt;In the past 12 months, we have also worked hard on &lt;a href="https://www.gitguardian.com/agentic-ai-security" rel="noopener noreferrer"&gt;agentic security&lt;/a&gt;. Managing your attack surface has become THE biggest challenge for security engineers in the AI era.&lt;/p&gt;

&lt;p&gt;I love to think of agent as &lt;strong&gt;LLM + Context + Ability to perform actions. Your agent will be more and more powerful as each of these dimensions increase.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fszgqdgmrwy3vw9cgpjs3.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fszgqdgmrwy3vw9cgpjs3.png" alt="LLM + Context + Actions diagram" width="778" height="722"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;The problem is: &lt;strong&gt;both context and ability to perform actions require authentication&lt;/strong&gt;. How do you secure these?&lt;/p&gt;

&lt;p&gt;On top of that, and to get a sense of the scale we are talking about: AI does not enter your enterprise in a perfectly supervised manner. Shadow IT, experimentations launched in all your departments by all types of profiles, third party tools being used by your SaaS providers make the agentic footprint bigger than what you think.&lt;/p&gt;

&lt;p&gt;All in all, having a 360 view over your agents and identity security is harder than ever. This is what we are committed to achieving at GitGuardian.&lt;/p&gt;

&lt;p&gt;Because of these concerns regarding endpoint security and managing the attack surface, we are also doubling down on our historical &lt;a href="https://www.gitguardian.com/itdr#detect-intrusion-instantly" rel="noopener noreferrer"&gt;HoneyTokens offering&lt;/a&gt; to proactively detect breaches. &lt;strong&gt;We are now able to support a handful of custom providers, and to disseminate these traps at scale in your organization.&lt;/strong&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  "The road ahead"
&lt;/h2&gt;

&lt;p&gt;Anthropic describes the road ahead, how attackers benefit from AI, and how Claude Code Security will make code bases more secure. We are living exciting times for sure. But remember: Hackers don't break in, they log in. With AI generating more and more code, and models being trained to generate safer code, the attack surface is different. But different does not mean smaller; it now spans far beyond code. GitGuardian and all our teams are committed to making AI a safe place. This starts with securing your non-human identities and secrets across your whole organization.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://www.gitguardian.com/interactive-demo" rel="noopener noreferrer"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmfcl8kw7m7jyjajdbra1.png" alt="GitGuardian Interactive Demo" width="800" height="332"&gt;&lt;/a&gt;&lt;/p&gt;

</description>
      <category>security</category>
      <category>ai</category>
      <category>devsecops</category>
      <category>appsec</category>
    </item>
    <item>
      <title>Who Actually Owns This Service Account?</title>
      <dc:creator>Dwayne McDaniel</dc:creator>
      <pubDate>Mon, 22 Jun 2026 13:23:47 +0000</pubDate>
      <link>https://dev.to/gitguardian/who-actually-owns-this-service-account-p6b</link>
      <guid>https://dev.to/gitguardian/who-actually-owns-this-service-account-p6b</guid>
      <description>&lt;p&gt;When that AWS service account gets compromised, who do you call?&lt;br&gt;
A question that shouldn't be hard.&lt;/p&gt;

&lt;p&gt;If you're in security or platform engineering, you already know the answer is usually "I have no idea." Maybe you search through GitHub commit history. Maybe you ping three different Slack channels. Maybe you can check the wiki that hasn't been updated since 2023. And while you're doing all that detective work, the clock is ticking, and the compromised credential is still active.&lt;/p&gt;

&lt;p&gt;This isn't a tooling problem or a people problem, it's an accountability problem. Your organization has spent years hardening human identity security. MFA everywhere, least privilege enforcement, and regular access reviews. But machine identities? Those service accounts, API keys, CI/CD tokens, and bot credentials that outnumber your employees by orders of magnitude? Nobody owns them. Nobody's responsible. And when something goes wrong, everyone pays the price.&lt;/p&gt;

&lt;p&gt;We provide ownership in GitGuardian NHI Governance to fix this. With automatic owner suggestions pulled from your existing tools and the flexibility to assign accountability however it makes sense for your team.&lt;/p&gt;

&lt;h2&gt;
  
  
  The problem everyone is finally talking about
&lt;/h2&gt;

&lt;h3&gt;
  
  
  When 2 AM incidents expose the accountability gap
&lt;/h3&gt;

&lt;p&gt;Let's walk through what actually happens during a credential leak. Your secrets detection tool catches a GitHub personal access token in a public repo. It has write access to the production infrastructure. It's the middle of the night.&lt;/p&gt;

&lt;p&gt;The race starts: Can you find the owner and rotate the credentials before an attacker finds them?&lt;/p&gt;

&lt;p&gt;Without ownership metadata, here's what your security engineer does:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Check the commit that exposed it (the author left the company six months ago)&lt;/li&gt;
&lt;li&gt;Search Slack for the repo name (find twelve threads, none conclusive)&lt;/li&gt;
&lt;li&gt;Look up the org chart (the team was reorganized twice this year)&lt;/li&gt;
&lt;li&gt;Page someone who might know someone who might know&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Forty-five minutes later, you've got a "pretty sure" answer. The credential gets rotated. Maybe nothing bad happened. Maybe you got lucky.&lt;/p&gt;

&lt;p&gt;This happens all the time. Not because people are careless, but because accountability for machine identities simply doesn't exist in most organizations. They're created during product sprints, inherited through team transitions, and forgotten when projects end.&lt;/p&gt;

&lt;h3&gt;
  
  
  Why machine identities are the forgotten stepchildren of IAM
&lt;/h3&gt;

&lt;p&gt;Think about how your company handles human identity governance. There are clear owners for every account. Access gets reviewed quarterly. When someone leaves, offboarding workflows kick in automatically. You have audit trails, approval chains, the works.&lt;/p&gt;

&lt;p&gt;Now think about your service accounts. How many do you have? (Most teams guess low by at least 50%.) Who created them? Who uses them? Who's responsible for rotating or deprovisioning when needed? The answers usually range from "unclear" to "absolutely no clue."&lt;/p&gt;

&lt;h2&gt;
  
  
  We built ownership into NHI Governance
&lt;/h2&gt;

&lt;p&gt;Here's how it works: GitGuardian now assigns and tracks owners for every non-human identity in your inventory. You can see who's responsible, filter by ownership status, and update assignments whenever you need to. It starts working automatically and gives you full control.&lt;/p&gt;

&lt;h3&gt;
  
  
  How it works (and why we made it automatic)
&lt;/h3&gt;

&lt;p&gt;The last thing you need is another system to manually populate. So we built ownership to learn from your existing tools and data.&lt;/p&gt;

&lt;p&gt;GitGuardian analyzes your integrated sources(IAM systems, cloud providers, incident history, and even commit data) and suggests owners based on the strongest available signals. The ranking goes like this:&lt;/p&gt;

&lt;p&gt;If your IAM or IdP has an explicit owner field, we use that (highest confidence). Next, we check resource tags for owner metadata. Then we look at who configured the integration, who last edited or created the resource, which developers' commits triggered incidents involving this identity, and who detected associated secrets in public scans.&lt;/p&gt;

&lt;p&gt;The system picks the best candidates and suggests up to five owners per identity. You'll see them labeled "Set automatically by GitGuardian" in the detail view. You can keep them, remove them, add more, or replace them entirely. Automatic suggestions never overwrite manual assignments.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fp8u1wtthr6q1efk00wz9.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fp8u1wtthr6q1efk00wz9.png" alt="Adding owner in GitGuardian NHI Governance" width="800" height="500"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Owners suggested automatically by GitGuardian can be confirmed, removed, or supplemented with manual assignments—including external users.&lt;/strong&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  You can override everything
&lt;/h3&gt;

&lt;p&gt;We're opinionated about defaults but flexible about exceptions. Every NHI has an Owners section in its detail view where you can:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Add owners manually (workspace members or external users by email)&lt;/li&gt;
&lt;li&gt;Remove suggested owners you disagree with&lt;/li&gt;
&lt;li&gt;Replace the entire owner list if needed&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;External owners don't need GitGuardian accounts. Contractors, external partners, people in other divisions—anyone with an email can be assigned accountability.&lt;/p&gt;

&lt;p&gt;The inventory view shows up to two owners per identity in an Owner column. Use the filter to narrow your view: identities with no owner, everything owned by you, or a specific person's responsibilities.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F5ko4bdwjxflgc35321c6.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F5ko4bdwjxflgc35321c6.png" alt="Owner filter in NHI inventory" width="800" height="500"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Filter the NHI inventory by owner to find unassigned identities or see all credentials you're responsible for.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;If you want to automate ownership assignment during provisioning or sync with your CMDB, the public API has you covered. Use the nhi:ownership: read and nhi:ownership: write scopes to list, add, remove, or replace owners programmatically.&lt;/p&gt;

&lt;h2&gt;
  
  
  What changes when every identity has an owner
&lt;/h2&gt;

&lt;h3&gt;
  
  
  Incident response that doesn't require a manhunt
&lt;/h3&gt;

&lt;p&gt;Remember that 2 AM credential leak scenario? With ownership, the process is completely different.&lt;/p&gt;

&lt;p&gt;Alert fires. Security engineer opens the NHI detail view. Sees the owner. Pings them in Slack. Credential gets rotated. Done.&lt;/p&gt;

&lt;p&gt;That time savings compounds. When your team isn't spending half their day tracking down owners for incidents, they can focus on the actual security work: threat modeling, control improvements, risk reduction.&lt;/p&gt;

&lt;h3&gt;
  
  
  The orphaned account problem actually gets solved
&lt;/h3&gt;

&lt;p&gt;Orphaned identities (machine credentials that outlive their projects or creators) are some of the easiest targets for attackers. They typically have over-provisioned permissions, no rotation schedule, and zero monitoring. They're just sitting there waiting to be abused.&lt;/p&gt;

&lt;p&gt;Ownership doesn't magically delete orphaned accounts, but it creates the conditions for hygiene at scale. Filter the inventory for "No owner" and you instantly see every identity that needs attention. Assign owners so that when projects shut down or people leave, their associated identities get reviewed and deprovisioned.&lt;/p&gt;

&lt;h3&gt;
  
  
  Auditors stop asking the same question twelve times
&lt;/h3&gt;

&lt;p&gt;If you've been through SOC 2, PCI-DSS, or HIPAA audits, you know the drill. Auditors want proof of accountability for privileged access. They ask questions like:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;"Who is responsible for this service account?"&lt;/li&gt;
&lt;li&gt;"How do you enforce least privilege?"&lt;/li&gt;
&lt;li&gt;"What happens when someone with access leaves the company?"&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Without ownership data, you pull together spreadsheets, dig through tickets, and reconstruct timelines from memory. It takes weeks. Findings pile up because you can't definitively prove accountability.&lt;/p&gt;

&lt;p&gt;With ownership, you export the data. The audit that used to take three weeks takes three hours. Every identity has a clear owner. You can show assignment history, prove continuous accountability, and demonstrate segregation of duties. Auditors get their evidence, you get back to work.&lt;/p&gt;

&lt;h2&gt;
  
  
  Try it yourself
&lt;/h2&gt;

&lt;p&gt;Ownership is now live in GitGuardian NHI Governance. Here's how to get started:&lt;/p&gt;

&lt;p&gt;Open NHI Governance → Identities, and you'll see the new Owner column. Filter by "No owner" to see which identities need attention. Click into any NHI and use the Owners section to add, edit, or confirm ownership. If you want to automate things, check out the API docs.&lt;/p&gt;

&lt;p&gt;Learn more: &lt;a href="https://docs.gitguardian.com/nhi-governance/discover-your-nhis?ref=blog.gitguardian.com#nhi-ownership" rel="noopener noreferrer"&gt;NHI Ownership documentation&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Get started: &lt;a href="https://dashboard.gitguardian.com/auth/signup?ref=blog.gitguardian.com" rel="noopener noreferrer"&gt;Sign in to GitGuardian&lt;/a&gt; or &lt;a href="https://www.gitguardian.com/book-a-demo?ref=blog.gitguardian.com" rel="noopener noreferrer"&gt;request a demo&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Stop spending your nights hunting down owners for compromised credentials. Make accountability part of your identity model from the start.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://www.gitguardian.com/interactive-demo?ref=blog.gitguardian.com" rel="noopener noreferrer"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmfcl8kw7m7jyjajdbra1.png" alt="GitGuardian Interactive Demo" width="800" height="332"&gt;&lt;/a&gt;&lt;/p&gt;

</description>
      <category>security</category>
      <category>nhi</category>
      <category>devsecops</category>
      <category>appsec</category>
    </item>
    <item>
      <title>Security First, Transparency Always: Inside GitGuardian's Responsible Disclosure Process</title>
      <dc:creator>Dwayne McDaniel</dc:creator>
      <pubDate>Wed, 17 Jun 2026 15:31:52 +0000</pubDate>
      <link>https://dev.to/gitguardian/security-first-transparency-always-inside-gitguardians-responsible-disclosure-process-4ic3</link>
      <guid>https://dev.to/gitguardian/security-first-transparency-always-inside-gitguardians-responsible-disclosure-process-4ic3</guid>
      <description>&lt;p&gt;Since its creation in 2017, GitGuardian has automatically detected secret leaks in all public commits on GitHub, and sent warning emails to the developers concerned through its &lt;a href="https://www.gitguardian.com/good-samaritan" rel="noopener noreferrer"&gt;Good Samaritan Program&lt;/a&gt;. Although this method is efficient and enables secrets to be revoked quickly, it does have certain limitations. Indeed, there are a number of problematic scenarios. For example, a secret may be deleted from GitHub following our email, but remain valid because it has not been revoked. Likewise, a secret may belong to a company, and the person who leaked it is no longer part of it or is a contractor who doesn't know how to deal with it.&lt;/p&gt;

&lt;p&gt;Overall, we find that 70% of the valid secrets we detect &lt;strong&gt;are still valid 3 years after their initial exposure&lt;/strong&gt;. This clearly requires a call to action, as leaked corporate secrets are probably not being remediated as they should be. As a matter of fact, the most sensitive secrets we uncover are, unsurprisingly, linked to the critical components of modern business: code and artifact repositories, databases or virtual machines. Their exploitation is often straightforward, yet they represent a direct and major security risk.&lt;/p&gt;

&lt;h2&gt;
  
  
  Responsible Disclosure
&lt;/h2&gt;

&lt;p&gt;Aware of the potentially devastating impact of some of the highly sensitive secrets we uncover, such as those of private Artifactory instances or Azure Storage Accounts, to name but a few, we have decided to overcome the limitations mentioned above by identifying corporate secrets and contacting the corresponding companies.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://blog.gitguardian.com/the-secret-to-your-artifactory-a-deep-dive-into-critical-exposures/" rel="noopener noreferrer"&gt;The secret to your Artifactory: A Deep Dive into Critical Exposures&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;In this context, the use of responsible disclosure practices makes perfect sense. Vulnerability disclosure is a &lt;a href="https://cheatsheetseries.owasp.org/cheatsheets/Vulnerability_Disclosure_Cheat_Sheet.html" rel="noopener noreferrer"&gt;well-known and documented process&lt;/a&gt; that provides a structured approach to cybersecurity collaboration. By following well-defined rules and best practices, such as using encrypted emails, or respecting disclosure delays, organizations and cybersecurity researchers can effectively work together to remediate leaked secrets.&lt;/p&gt;

&lt;p&gt;Six months ago, GitGuardian set up a clear procedure for notifying companies of leaks of sensitive secrets, based on two fundamental points.&lt;/p&gt;

&lt;p&gt;Firstly, we are committed to ensuring that "security comes first." To achieve this, our first priority is to get in touch with the security teams who are best placed to assess and deal with the leak quickly. In our exchanges, we prefer to use GPG-encrypted e-mails to preserve the confidentiality of the data exchanged.&lt;/p&gt;

&lt;p&gt;Secondly, the content of our exchanges is as transparent as possible. We present precisely where the leak is (i.e. GitHub, DockerHub, or private resources), the nature of the associated secret, how it can be detected, and whether it is valid or not.&lt;/p&gt;

&lt;h2&gt;
  
  
  Key Takeaways
&lt;/h2&gt;

&lt;p&gt;In the time we've spent helping to fix tens of incidents, we've witnessed every kind of behavior: from a fix in minutes to &lt;strong&gt;no response at all&lt;/strong&gt;. While some of the critical secrets we uncovered are still valid today, the positive outcome is that most of the leaks disclosed have been remediated, or will be soon.&lt;/p&gt;

&lt;p&gt;Along, the clear responsible disclosure process that we put in place, we also maintain a dedicated registry that tracks the disclosed leaks and the state of the corresponding communications. This ensures fairness and transparency and makes it possible to externally audit this activity.&lt;/p&gt;

&lt;p&gt;Since October, we have disclosed 24 leaks to an equivalent number of different companies. Most of them - 15 to be precise - have been resolved. This excellent result is due to the fact that we were able to contact the security teams of the companies concerned directly.&lt;/p&gt;

&lt;p&gt;Of the 9 remaining leaks, 4 have been acknowledged and are currently under investigation. We are therefore very confident that they will be resolved too. For the other 5, we have received no response to our emails despite our efforts to find the right contact (i.e. a Staff Security Engineer, the CISO or the DPO). This is quite worrying as we are talking about large organizations putting their security at risk.&lt;/p&gt;

&lt;p&gt;Like many other researchers, we also get much better response rates when security teams are contacted directly. Having an easily identifiable address makes it easier for researchers. This reinforces the need for every organization to identify the right contacts in the event of security incidents, and publish them on their sites or via ad hoc mechanisms such as the &lt;a href="https://securitytxt.org/" rel="noopener noreferrer"&gt;security.txt&lt;/a&gt; file. Sadly, a disclosure email concerning a 6-year-old secret from an oil company's Artifactory went unanswered. The leak, meanwhile, was silently fixed several months after its disclosure.&lt;/p&gt;

&lt;h2&gt;
  
  
  Public Acknowledgments
&lt;/h2&gt;

&lt;p&gt;While some companies do not behave according to the accepted rules of responsible disclosure, and forbade us to communicate on our findings, others are exemplary in their communications with researchers and the way they credit them.&lt;/p&gt;

&lt;p&gt;We are pleased to have worked closely with such companies, and honored to be credited in their hall of fame following the responsible disclosure of secrets leaks:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;a href="https://www.bayer.com/en/cybersecurity-hall-of-fame" rel="noopener noreferrer"&gt;https://www.bayer.com/en/cybersecurity-hall-of-fame&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href="https://www.oracle.com/security-alerts/cpujan2025.html" rel="noopener noreferrer"&gt;https://www.oracle.com/security-alerts/cpujan2025.html&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href="https://www.ibm.com/support/pages/ibm-product-security-incident-response-team-news" rel="noopener noreferrer"&gt;https://www.ibm.com/support/pages/ibm-product-security-incident-response-team-news&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href="https://liferay.dev/portal/security/hall-of-fame" rel="noopener noreferrer"&gt;https://liferay.dev/portal/security/hall-of-fame&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href="https://access.redhat.com/articles/66234" rel="noopener noreferrer"&gt;https://access.redhat.com/articles/66234&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href="https://support.remarkable.com/s/article/Vulnerability-Disclosure-Policy" rel="noopener noreferrer"&gt;https://support.remarkable.com/s/article/Vulnerability-Disclosure-Policy&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href="https://dam.sap.com/mac/app/e/pdf/preview/embed/L6Wy5wT?ltr=a&amp;amp;rc=10&amp;amp;includeSapBrandedWraper=true&amp;amp;includeRelatedAssets=true" rel="noopener noreferrer"&gt;SAP Security Acknowledgments&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;And this is just the beginning! We are proud to help build a safer world for both individual developers and companies.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://www.gitguardian.com/interactive-demo" rel="noopener noreferrer"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmfcl8kw7m7jyjajdbra1.png" alt="GitGuardian Interactive Demo" width="800" height="332"&gt;&lt;/a&gt;&lt;/p&gt;

</description>
      <category>security</category>
      <category>disclosure</category>
      <category>devsecops</category>
      <category>appsec</category>
    </item>
    <item>
      <title>Extending Our Mission With Developer Endpoint Protection</title>
      <dc:creator>Dwayne McDaniel</dc:creator>
      <pubDate>Tue, 16 Jun 2026 20:15:24 +0000</pubDate>
      <link>https://dev.to/gitguardian/extending-our-mission-with-developer-endpoint-protection-4j0d</link>
      <guid>https://dev.to/gitguardian/extending-our-mission-with-developer-endpoint-protection-4j0d</guid>
      <description>&lt;p&gt;Since day one, our mission at GitGuardian has been clear: prevent accidental secret exposure and stand alongside developers as they build. We've helped thousands of teams secure their code repositories and other data sources, preventing credentials from leaking.&lt;/p&gt;

&lt;p&gt;The risk has moved. Developer workstations have always carried more credential exposure than most teams realize: shell histories, config files, local caches accumulating credentials for years. AI coding agents are accelerating that risk. Tools like Cursor, GitHub Copilot, and other AI assistants are now running on thousands of developer machines with access to every credential and sensitive file on the laptop, creating accumulation paths that traditional security tools don't see.&lt;/p&gt;

&lt;p&gt;Every developer laptop is a credential store. Infostealers and supply chain attackers treat it exactly that way. Credentials don't just live in Git. They end up in .env files, shell histories, AI agent configs, and local caches, sitting in plaintext outside your perimeter controls. A single compromised laptop can hand attackers the keys to your entire infrastructure. Our early access program data puts the average at 150 secrets per developer laptop, with some machines ranging into the thousands.&lt;/p&gt;

&lt;p&gt;The partition between code-resident and endpoint-resident credentials no longer exists for attackers. And with AI coding agents now running on every developer machine, the surface is growing faster than most security stacks can track. That raises the question: how do we make sure companies can deploy AI safely?&lt;/p&gt;

&lt;h2&gt;
  
  
  What We've Built
&lt;/h2&gt;

&lt;p&gt;Today we're releasing Developer Endpoint Protection: the ability to find every credential on every developer machine, built directly into ggshield, the GitGuardian CLI already in use across our customer base.&lt;/p&gt;

&lt;p&gt;  &lt;iframe src="https://www.youtube.com/embed/dDazXszspOs"&gt;
  &lt;/iframe&gt;
&lt;/p&gt;

&lt;p&gt;We &lt;a href="https://blog.gitguardian.com/engineering-at-gitguardian-our-technical-challenges-for-2026/" rel="noopener noreferrer"&gt;rebuilt the scanning engine in Rust from scratch&lt;/a&gt;. In our latest tests, it scans 500,000 files in under one minute, then uses intelligent caching to complete subsequent scans in seconds. All scanning happens locally on the endpoint. Credentials are never sent to GitGuardian in clear text, and we never see the credentials.&lt;/p&gt;

&lt;p&gt;Traditional endpoint tools chase binaries. Developer Endpoint Protection tracks the credentials and the AI tooling generating them. Each credential found maps back to the production systems it unlocks and every other place that same credential lives, building a continuous inventory you can monitor, alert on, and push into the tools you already use.&lt;/p&gt;

&lt;p&gt;But scanning is only half the story. We also place honeytokens on developer machines. If an infostealer finds and uses one of those credentials, the honeytoken fires immediately, with attribution, before the attacker has used it. Instead of discovering a breach weeks later in a log review, you know the moment it happens and which machine was hit.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why This Matters Now
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;1. Finding Credentials Beyond Repositories and Collaboration Tools&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;For years, we've been catching credentials leaking into code repositories and collaboration tools. Developer machines have always had the same problem: shell histories, config files, temp directories, and AI tool caches pile up credentials over time, invisible to the rest of your stack. Endpoint Protection takes that mission to the machine.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;2. Closing the NHI Governance Blind Spot&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Machine endpoints are a blind spot in NHI governance. Over-privileged service accounts, API keys, and machine credentials don't just live in vaults and cloud platforms. They're scattered across developer workstations. By surfacing endpoint findings in the GitGuardian dashboard, you can finally answer: "Where are our credentials actually living across our entire infrastructure?" and prioritize remediation based on what's sensitive and in active use.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;3. Securing the Agentic AI Era&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;AI coding agents expand the attack surface. These agents operate with access to everything on a developer's machine: the credentials developers intentionally use and the ones that accumulate in shell histories, browser storage, and AI agent config files. In our analysis, around 40% of high and critical secrets surfaced in AI tool directories and log files, locations no traditional scanner looks at. Endpoint Protection gives you a full picture of that credential exposure as your AI footprint grows. We scan at three points in the AI workflow: prompt submission (before content reaches the model), pre-tool execution (before file reads or commands run), and post-tool output (after the agent responds). Each stage is an exposure path that traditional repository scanning never sees.&lt;/p&gt;

&lt;p&gt;The platform also inventories which AI tools and MCP servers are running on each machine, surfacing unauthorized or potentially malicious MCPs before they can access or exfiltrate data.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fol6xwyplac3rh9wb5ltf.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fol6xwyplac3rh9wb5ltf.png" alt="Endpoint Protection product screen" width="800" height="323"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Three Core Capabilities
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Remediate at the source.&lt;/strong&gt; Redact credentials from shell and command histories, migrate active credentials into vaults and local secrets managers, and prevent AI coding agents from spreading credentials across the machine through GitGuardian agent hooks. The goal is focused action, not endless triage.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Limit the blast radius.&lt;/strong&gt; Continuously hunt plaintext credentials across the fleet, score each finding by severity and actual access scope, and route high-risk findings directly to your SOC, SIEM, and SOAR. When a breach lands, you can answer immediately: what was on this machine, what services does it reach, and what do we revoke first?&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Detect live attacks.&lt;/strong&gt; Honeytokens placed on developer machines fire the moment an infostealer validates a credential, confirming an attack before it's used against you. You get attribution-rich alerts in real time, not noise.&lt;/p&gt;

&lt;p&gt;Because these signals are most powerful when correlated with your existing credential sources, endpoint findings feed directly into GitGuardian's NHI and Secrets Security platform, connecting your endpoint exposure to vaults, repos, and cloud environments in one place.&lt;/p&gt;

&lt;h2&gt;
  
  
  Designed for Real-World Enterprise Deployment
&lt;/h2&gt;

&lt;p&gt;We know enterprise security teams need more than a cool demo. We're building for:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Deployment at scale:&lt;/strong&gt; MDM-based rollout (Windows/Intune, Jamf) with MDM-compatible authentication for large fleets&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Developer-friendly:&lt;/strong&gt; minimal performance impact with intelligent caching, configurable exclusions, and CPU/memory limiting&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Privacy-first architecture:&lt;/strong&gt; local scanning with no credential exfiltration; only structured metadata leaves the endpoint&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Integration with your existing stack:&lt;/strong&gt; forward structured outputs to SIEM, pull data via API, correlate with vault and identity systems&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Cross-platform:&lt;/strong&gt; Windows, Linux, macOS&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Built on ggshield: One CLI, Expanded Mission
&lt;/h2&gt;

&lt;p&gt;We deliberately built this as an extension of ggshield rather than introducing another tool. One CLI, expanded mission. If your team already uses ggshield for pre-commit hooks and CI/CD scanning, it slots into the same workflow your team already trusts.&lt;/p&gt;

&lt;p&gt;We're already in conversations with Fortune 500 enterprises across financial services and technology where AI coding agent deployment has made endpoint credential visibility a real priority. The ask is consistent: give us endpoint credential visibility that fits our MDM rollout, our privacy requirements, and our SIEM.&lt;/p&gt;

&lt;h2&gt;
  
  
  Start Your Pilot
&lt;/h2&gt;

&lt;p&gt;Developer Endpoint Protection finds credentials on developer machines and blocks them from moving into shared systems. It does not rotate credentials, manage vaults, or enforce remediation workflows; that's where Internal Secrets Monitoring and NHI Governance come in. Used together, the GitGuardian platform gives you coverage from endpoint to repository to identity.&lt;/p&gt;

&lt;p&gt;Developer endpoints are the most unmonitored surface in secrets security. The organizations that know what credentials are on their machines recover faster from supply-chain incidents. The ones that don't find out during the breach.&lt;/p&gt;

&lt;p&gt;We've extended our mission from the repo to the machines so that you can find every credential on every developer laptop before infostealers do.&lt;/p&gt;

&lt;p&gt;Ready to see what's on your fleet? Contact your GitGuardian customer success team or &lt;a href="https://www.gitguardian.com/book-a-demo" rel="noopener noreferrer"&gt;book a demo&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://www.gitguardian.com/interactive-demo" rel="noopener noreferrer"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmfcl8kw7m7jyjajdbra1.png" alt="GitGuardian Interactive Demo" width="800" height="332"&gt;&lt;/a&gt;&lt;/p&gt;

</description>
      <category>security</category>
      <category>devsecops</category>
      <category>appsec</category>
      <category>devops</category>
    </item>
    <item>
      <title>The State of Secrets Sprawl 2026: AI-Service Leaks Surge 81% and 29M Secrets Hit Public GitHub</title>
      <dc:creator>Dwayne McDaniel</dc:creator>
      <pubDate>Fri, 12 Jun 2026 12:24:02 +0000</pubDate>
      <link>https://dev.to/gitguardian/the-state-of-secrets-sprawl-2026-ai-service-leaks-surge-81-and-29m-secrets-hit-public-github-2bgj</link>
      <guid>https://dev.to/gitguardian/the-state-of-secrets-sprawl-2026-ai-service-leaks-surge-81-and-29m-secrets-hit-public-github-2bgj</guid>
      <description>&lt;p&gt;&lt;a href="https://www.gitguardian.com/state-of-secrets-sprawl-report-2026" rel="noopener noreferrer"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgnu1iyufcaqh9u6haey1.png" alt="State of Secrets Sprawl 2026" width="800" height="359"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;In less than a year, AI-assisted coding went from novelty to habit.&lt;/p&gt;

&lt;p&gt;What used to be a specialized workflow for experienced engineers is now accessible to almost anyone with an idea, a prompt, and a few minutes.&lt;/p&gt;

&lt;p&gt;In 2025, that shift became impossible to ignore. Software creation sped up, public GitHub activity surged, and a new generation of services, agents, integrations, and configuration patterns entered the stack all at once. That speed came with a cost.&lt;/p&gt;

&lt;p&gt;According to our latest "State of Secrets Sprawl" report, &lt;strong&gt;28.65 million new hardcoded secrets&lt;/strong&gt; were added to public GitHub commits in 2025 alone, a &lt;strong&gt;34% increase year over year&lt;/strong&gt; and the largest single-year jump we've recorded.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fst5ouf6v5s28sf9vj38g.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fst5ouf6v5s28sf9vj38g.png" alt="Secrets sprawl overview 2026" width="800" height="330"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The year software changed forever
&lt;/h2&gt;

&lt;p&gt;2025 was a banner year for software production. Public GitHub commits climbed to about &lt;strong&gt;1.94 billion&lt;/strong&gt;, up &lt;strong&gt;43% year over year, and the developer base increased by 33%&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4qnuuxd78lbqljrpmy33.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4qnuuxd78lbqljrpmy33.png" alt="Public GitHub commits grew by 43% and active developers base grew by 33% since 2024" width="800" height="692"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Public GitHub commits grew by 43% and active developers base grew by 33% since 2024&lt;/em&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  AI is creating a new generation of leaks
&lt;/h2&gt;

&lt;p&gt;AI makes it easier and faster to build, integrate, and ship. But every new tool, API, workflow, agent, and service account also creates new credentials to manage and more surface area for attackers to target. When organizations scale creation faster than governance, secrets begin to spread everywhere.&lt;/p&gt;

&lt;p&gt;One of the clearest signals in the data is that the composition of leaked secrets is changing. In 2025, &lt;strong&gt;AI service secrets reached 1,275,105&lt;/strong&gt;, up &lt;strong&gt;81% year over year&lt;/strong&gt;. The report points to &lt;strong&gt;113,000 leaked DeepSeek API keys&lt;/strong&gt; as one example of how these windows of exposure open.&lt;/p&gt;

&lt;p&gt;The report also found that &lt;strong&gt;eight of the ten fastest-growing detectors&lt;/strong&gt; were tied to AI services. &lt;strong&gt;LLM infrastructure,&lt;/strong&gt; such as orchestration, RAG, and vector storage, leaked &lt;strong&gt;5× faster&lt;/strong&gt; than core model providers.&lt;/p&gt;

&lt;p&gt;New AI providers, wrappers, gateways, registries, and integration layers are entering production workflows quickly, often before developer protections have caught up.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fw0mppyclcia7vtkod25g.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fw0mppyclcia7vtkod25g.png" alt="Growing specific AI detectors (more than 3K secrets)" width="799" height="416"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Claude Code-assisted commits showed a &lt;strong&gt;3.2% secret-leak rate&lt;/strong&gt;, versus a &lt;strong&gt;1.5% baseline across all public GitHub commits&lt;/strong&gt;. That gap is meaningful, but it should not be read as a simple tool failure. Developers remain in control of what gets accepted, edited, ignored, or pushed. Even as coding assistants improve their guardrails, people can still override warnings or ask the model to behave insecurely.&lt;/p&gt;

&lt;p&gt;The leak still happens through a human workflow. This is an important nuance.&lt;/p&gt;

&lt;p&gt;AI is changing the pace and shape of software development, but the underlying failure mode is still familiar: people under time pressure making local decisions in complex systems.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3dfjgo1xr49hinrwn3yf.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3dfjgo1xr49hinrwn3yf.png" alt="Number of secrets per 1000 commits" width="742" height="380"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Number of secrets per 1000 commits&lt;/em&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Hardcoding secrets into MCP configs
&lt;/h2&gt;

&lt;p&gt;Taking a closer look at AI infrastructure, we identified &lt;strong&gt;24,008 unique secrets&lt;/strong&gt; exposed in MCP-related configuration files across public GitHub, including &lt;strong&gt;2,117 unique valid credentials.&lt;/strong&gt; This is &lt;strong&gt;8.8%&lt;/strong&gt; of all MCP-related findings.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fsxmw6v751f1uhrkijy9g.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fsxmw6v751f1uhrkijy9g.png" alt="TOP 5 valid unique secrets in MCP configuration files" width="747" height="365"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;The problem is often driven by the fact that the documentation itself encourages unsafe patterns. The report notes that popular MCP setup guides often recommend putting API keys directly into configuration files, command-line arguments, or embedded connection strings. When insecure credential handling is normalized in official quickstarts, it is no surprise that sprawl follows. This is the kind of pattern security teams should pay attention to early. New standards often arrive with convenience-first examples. If those examples assume hardcoded credentials, the problem can spread at ecosystem speed.&lt;/p&gt;

&lt;h2&gt;
  
  
  Public leaks are only half the story
&lt;/h2&gt;

&lt;p&gt;One lesson security teams should take away from this report is that &lt;strong&gt;public GitHub is only the visible edge of the problem&lt;/strong&gt;. Internal repositories remain a much larger reservoir of secrets sprawl. Internal repos are roughly &lt;strong&gt;6× more likely&lt;/strong&gt; than public ones to contain hardcoded secrets. This is the security debt created by private-by-default thinking. Teams are often less disciplined inside internal codebases because the exposure feels less immediate, but that private buildup becomes the material that attackers exploit once internal systems are reached.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fg2r7xbjuso5b618wgkzf.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fg2r7xbjuso5b618wgkzf.png" alt="Public vs internal secrets" width="747" height="507"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;The story gets broader from there. About &lt;strong&gt;28% of incidents&lt;/strong&gt; originate entirely outside repositories, in places like Slack, Jira, and Confluence. Those leaks outside of code are also &lt;strong&gt;13 percentage points more likely to be categorized as critical&lt;/strong&gt; than secrets found only in code.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0teq3sqkzhk59yaf437e.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0teq3sqkzhk59yaf437e.png" alt="Secrets in SCM and productivity/collaboration tools" width="747" height="525"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Secrets shared in collaboration tools are often passed around during urgent troubleshooting, incident response, or operational debugging. They are copied into messages and tickets precisely because someone needs fast access. The context is urgent, and urgent contexts tend to produce high-impact exposures.&lt;/p&gt;

&lt;h2&gt;
  
  
  Developer workstations are now a prime target for secrets theft
&lt;/h2&gt;

&lt;p&gt;As AI agents gain deeper local access to terminals, files, editors, environment variables, and credential stores, the laptop itself becomes a more meaningful attack surface. The report connects this to prompt injection and supply-chain attacks such as &lt;strong&gt;Shai-Hulud&lt;/strong&gt;, which turn local secrets into organizational risk. GitGuardian's analysis of the Shai-Hulud 2 dataset offers a rare empirical window into what actually lives on developer machines. Across &lt;strong&gt;6,943 compromised machines&lt;/strong&gt;, the team found &lt;strong&gt;294,842 secret occurrences&lt;/strong&gt;, corresponding to &lt;strong&gt;33,185 unique secrets&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://blog.gitguardian.com/shai-hulud-2/" rel="noopener noreferrer"&gt;Shai-Hulud 2.0: the supply chain attack that learned&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmb9ehjskhlddbedtvugz.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmb9ehjskhlddbedtvugz.png" alt="Shai-Hulud 2 - Distribution of count of secrets" width="799" height="399"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;The report also notes that &lt;strong&gt;59%&lt;/strong&gt; of the compromised machines were CI/CD runners rather than personal workstations, which expands the problem well beyond the individual endpoint.&lt;/p&gt;

&lt;p&gt;For years, secrets management was framed mostly around shared code repositories and cloud platforms. But agentic workflows are redrawing the perimeter. When local environments hold credentials that connect across systems, the machine itself becomes part of the NHI problem.&lt;/p&gt;

&lt;h2&gt;
  
  
  64% of valid secrets from 2022 are still active and exploitable
&lt;/h2&gt;

&lt;p&gt;In the 2025 report, we found that nearly 70% of credentials confirmed as valid in 2022 were still valid in January 2025, which means they had not been remediated. When we retested that same dataset in January 2026, the validity rate was still above 64%.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fl6f83azvh4trcbdlada2.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fl6f83azvh4trcbdlada2.png" alt="Do valid secrets eventually get rotated?" width="800" height="594"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;This gap is even more concerning because &lt;strong&gt;46% of critical secrets are missed by validation-only prioritization&lt;/strong&gt;, meaning many high-risk exposures remain underprioritized simply because they cannot be automatically verified.&lt;/p&gt;

&lt;p&gt;The full &lt;strong&gt;State of Secrets Sprawl 2026&lt;/strong&gt; report dives deeper into all of these trends, from AI-assisted commits and MCP configuration leaks to internal repositories, collaboration tools, self-hosted infrastructure, and the long-term remediation gap.&lt;/p&gt;

&lt;h2&gt;
  
  
  From secrets sprawl to NHI governance
&lt;/h2&gt;

&lt;p&gt;That phrase, "NHI governance," can sound abstract until you reduce it to the questions security teams actually need to answer:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;What non-human identities exist in the environment?&lt;/li&gt;
&lt;li&gt;Who owns them?&lt;/li&gt;
&lt;li&gt;What can they access?&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;If a team cannot answer those questions, AI adoption is likely outpacing identity maturity. That is the deeper lesson of the 2026 report. &lt;strong&gt;AI did not invent secrets sprawl. It accelerated the conditions that make it worse&lt;/strong&gt;: faster shipping, broader participation in software creation, more integrations, more service accounts, more local tooling, and more configuration surfaces where credentials can end up by mistake.&lt;/p&gt;

&lt;p&gt;The future will contain many more non-human identities. That means the path forward cannot be just "scan harder." &lt;strong&gt;It has to include prevention, ownership, context, lifecycle control, and remediation workflows that are built for speed&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://www.gitguardian.com/state-of-secrets-sprawl-report-2026" rel="noopener noreferrer"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgnu1iyufcaqh9u6haey1.png" alt="State of Secrets Sprawl 2026" width="800" height="359"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://www.gitguardian.com/interactive-demo" rel="noopener noreferrer"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmfcl8kw7m7jyjajdbra1.png" alt="GitGuardian Interactive Demo" width="800" height="332"&gt;&lt;/a&gt;&lt;/p&gt;

</description>
      <category>security</category>
      <category>devsecops</category>
      <category>ai</category>
      <category>appsec</category>
    </item>
    <item>
      <title>2,622 Valid Certificates Exposed: A Google-GitGuardian Study Maps Private Key Leaks to Real-World Risk</title>
      <dc:creator>Dwayne McDaniel</dc:creator>
      <pubDate>Wed, 10 Jun 2026 12:02:51 +0000</pubDate>
      <link>https://dev.to/gitguardian/2622-valid-certificates-exposed-a-google-gitguardian-study-maps-private-key-leaks-to-real-world-4jpf</link>
      <guid>https://dev.to/gitguardian/2622-valid-certificates-exposed-a-google-gitguardian-study-maps-private-key-leaks-to-real-world-4jpf</guid>
      <description>&lt;blockquote&gt;
&lt;p&gt;&lt;strong&gt;This post is a companion piece to our presentation at &lt;a href="https://rwc.iacr.org/2026/program.php" rel="noopener noreferrer"&gt;Real World Crypto (RWC) 2026&lt;/a&gt; in Taipei, Taiwan on March 11, 2026, where GitGuardian and Google researchers will present the full findings of this collaboration.&lt;/strong&gt;&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;When a private key leaks on GitHub or DockerHub, detecting it is easy. What's harder, sometimes impossible, is understanding its real-world impact. Unlike AWS keys or OpenAI tokens, which are tied to their respective service, a leaked private key is just a mathematical object without an obvious owner.&lt;/p&gt;

&lt;p&gt;Private keys are challenging to attribute at scale: they are used in many different contexts, ranging from SSH authentication to JWT signatures. When one leaks, where do you start assessing the impact? Among leaked private keys, those used in X.509 infrastructure are most critical. They authenticate web servers in HTTPS: a compromised key enables attackers to impersonate websites or intercept data. That's why GitGuardian partnered with Google's researchers to answer a deceptively simple question: what happens when private keys leak?&lt;/p&gt;

&lt;p&gt;In the TLS ecosystem, a private key leak poses a critical threat, as attackers on the appropriate network path can impersonate websites, intercept or manipulate data, and decrypt past communications, particularly if the same private key is used for a long period of time prior to the widespread adoption of PFS.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Numbers Behind the Threat
&lt;/h2&gt;

&lt;p&gt;Since 2021, GitGuardian has detected about one million unique private keys leaked across GitHub and DockerHub. Using Google's internal Certificate Transparency database, we successfully mapped more than 40,000 of these keys to 140,000 real TLS certificates. As of September 2025, &lt;strong&gt;2,600 of these certificates were valid&lt;/strong&gt;, with more than 900 actively protecting Fortune 500 companies, healthcare providers, and government agencies.&lt;/p&gt;

&lt;p&gt;Our disclosure campaign revealed worse news: we sent 4,300 disclosure emails to 600 organizations about their exposed certificates, but &lt;strong&gt;only 54 responded&lt;/strong&gt;. That's a 9% response rate. Even for high-confidence identifications, only 36% bothered to reply. National CERTs? Only 2 out of 20 responded within a week. Bug bounty programs? Three asked us to prove that having a website's private key &lt;a href="https://blog.gitguardian.com/your-secrets-need-a-vdp-not-just-a-bug-bounty/" rel="noopener noreferrer"&gt;was actually a security problem&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F19ghx7ahjy4fhqpqagnp.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F19ghx7ahjy4fhqpqagnp.png" alt="Research pipeline" width="800" height="762"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Research pipeline&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;This reveals a widespread misunderstanding of private key risks&lt;/strong&gt;. Months after disclosure, 84 certificates remain valid; 40% from Certificate Authorities (CA) we contacted but who failed to revoke.&lt;/p&gt;

&lt;p&gt;This is the first Internet-scale analysis of private key leaks, made possible by combining two unique capabilities: GitGuardian's real-time secret detection across millions of repositories and images, and Google's infrastructure for querying Certificate Transparency logs containing billions of certificates.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://certificate.transparency.dev/" rel="noopener noreferrer"&gt;Certificate Transparency (CT)&lt;/a&gt; is a public database of all certificates issued by major CAs since 2015, created after CA compromises like the 2011 DigiNotar breach. CT is a decentralized architecture with multiple &lt;em&gt;operators&lt;/em&gt; hosting what are called &lt;em&gt;logs&lt;/em&gt;, subsets of the CT database.&lt;/p&gt;

&lt;p&gt;In theory, CT is perfect for mapping leaked keys to certificates using public key hashes. The mathematical properties of asymmetric cryptographic keys make it easy to link a certificate's public key information with its corresponding private key. In practice, storage and persistence are massive challenges. In 2025 alone, over 5 billion unique certificates have been submitted, representing more than 10 terabytes of storage. Moreover, log operators can disconnect logs once all their certificates have expired, which makes sense in the context of TLS but breaks OSINT and historical attribution.&lt;/p&gt;

&lt;p&gt;As of September 2025, 2,600 of the mapped certificates were valid (6% of mapped keys). We validated 921 (35%) through direct online checks; the remaining 1,701 (65%) required simulated TLS stack validation.&lt;/p&gt;

&lt;p&gt;Querying TLS revocation mechanisms revealed a widespread misunderstanding of the impacts: of all the certificates we found compromised, only 24 were revoked via Certificate Revocation Lists (CRL) – with just 1 marked as actually compromised – and 56 via OCSP – with only 2 marked as compromised. More troubling: nearly 22% of offline-validated certificates were found to differ from those served online. This usually indicates that a new certificate has been issued after the key leak, without revoking the compromised one. &lt;strong&gt;Owners either don't know about the leak or don't understand revocation.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Finally, since revocation is rarely used, we simulated historical validity by checking if the private keys leaked during their associated certificate's lifetime. This revealed that 24,000 certificates (17.16%) were valid at the time of the leak, and more than 4,000 are exposed per year.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F87ov544g7covxhchd3pi.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F87ov544g7covxhchd3pi.png" alt="Valid certificates at the time of first leak (in September 2025)" width="799" height="644"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Valid certificates at the time of first leak (in September 2025)&lt;/em&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Responsible Disclosures
&lt;/h2&gt;

&lt;p&gt;With certificates mapped, the next challenge emerged: finding and contacting their owners. Mapping private keys to certificates was indeed easy. Finding who owned them proved harder, but essential.&lt;/p&gt;

&lt;p&gt;Our primary goal was to contact owners directly. As security researchers, we aim to fix root causes and alert owners to enable proper remediation. Without addressing the source of the leak, private keys remain in repositories and container images, ready for reuse.&lt;/p&gt;

&lt;p&gt;Of 2,600 valid certificates, only 430 (16%) included organization information. For the rest, we deployed different attribution techniques: extracting domains from certificates, scraping security.txt and Whois records, analyzing MX records, and LLM-assisted web crawling. We identified entities for roughly half the certificates, leaving 1,300 certificates untraceable.&lt;/p&gt;

&lt;p&gt;After three weeks of poor response rates, we contacted the major Certificate Authorities directly. Revocation processes vary by CA, but all require proof of ownership: a signature performed with the leaked private key. We submitted 2,200 valid certificates; most were revoked within 48 hours.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://www.gitguardian.com/state-of-secrets-sprawl-report-2026" rel="noopener noreferrer"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgnu1iyufcaqh9u6haey1.png" alt="State of Secrets Sprawl 2026" width="800" height="359"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Concluding Remarks
&lt;/h2&gt;

&lt;p&gt;This joint research between GitGuardian and Google represents a systematic analysis that maps leaked private keys to real-world certificate usage at Internet scale. This collaboration demonstrates that protecting the Internet at scale requires both technical innovation and cross-organizational partnership. The results speak to both success and systemic challenges. Our disclosure campaign achieved 97% remediation, but at the cost of 4,300 emails sent, 1,706 entities contacted, 9 bug bounty submissions, countless follow-ups, and days of meticulous attribution work employing multiple OSINT techniques. &lt;strong&gt;The high success rate masks the extraordinary effort required to protect organizations that fail to protect themselves.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Despite our efforts, in January 2026, 84 certificates remained valid: 27 from small CAs that didn't revoke, 6 from unresponsive government entities, and 51 from organizations that took no action. We re-contacted the relevant CAs and are still working with them to have the certificates revoked.&lt;/p&gt;

&lt;p&gt;The research exposes hard truths: a widespread global misunderstanding of certificate security exists. &lt;strong&gt;Fortune 500 companies and governments leave leaked keys unrevoked&lt;/strong&gt;. Private keys outlive multiple certificate renewals, remaining valid years after public exposure. This is a systemic failure, not isolated incidents.&lt;/p&gt;

&lt;p&gt;The solution is clear. &lt;strong&gt;Cryptoperiods must be shortened, and private keys should never outlive certificates&lt;/strong&gt;; ideally, they should be single-use. This isn't new: Let's Encrypt and &lt;a href="https://certbot.eff.org/" rel="noopener noreferrer"&gt;Certbot&lt;/a&gt; already rotate keys with every renewal.&lt;/p&gt;

&lt;p&gt;This practice should become industry standard, and CAs must forbid private key reuse. Compromised keys should be permanently blacklisted across all authorities. Combined with upcoming 47-day certificate lifetimes and mandatory rotation, this dramatically reduces vulnerability windows.&lt;/p&gt;

&lt;p&gt;At RWC 2026, we present the full findings and roadmap. Private keys are leaking, and the industry can no longer afford to ignore them.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://www.gitguardian.com/interactive-demo" rel="noopener noreferrer"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmfcl8kw7m7jyjajdbra1.png" alt="GitGuardian Interactive Demo" width="800" height="332"&gt;&lt;/a&gt;&lt;/p&gt;

</description>
      <category>security</category>
      <category>tls</category>
      <category>certificates</category>
      <category>devsecops</category>
    </item>
    <item>
      <title>GitGuardian NHI Governance Now Gives More Comprehensive Visibility</title>
      <dc:creator>Dwayne McDaniel</dc:creator>
      <pubDate>Tue, 09 Jun 2026 11:45:48 +0000</pubDate>
      <link>https://dev.to/gitguardian/gitguardian-nhi-governance-now-gives-more-comprehensive-visibility-59f4</link>
      <guid>https://dev.to/gitguardian/gitguardian-nhi-governance-now-gives-more-comprehensive-visibility-59f4</guid>
      <description>&lt;p&gt;If you're an IAM lead, you've probably spent the last five years perfecting your human identity security. MFA everywhere. Privileged management locked down. Just-in-time access is working like a charm. Your employees' identities are pretty well governed overall.&lt;/p&gt;

&lt;p&gt;But here's what's keeping us up at night, and I suspect you too: for every employee identity you're managing, roughly hundreds of machine identities are doing who knows what. API keys in places you didn't know existed. Service accounts that three different teams think someone else is managing. Bot tokens with access to production data that were created by an engineer who left the company two years ago.&lt;/p&gt;

&lt;p&gt;And the worst part is that when AWS credentials get exposed, attackers are probing them in under 17 minutes (according to research). That's less time than it takes most of us to grab coffee and check Slack.&lt;/p&gt;

&lt;p&gt;We've expanded GitGuardian NHI Governance with integrations across your entire infrastructure stack—giving you a single, identity-first view of every machine credential, automatic risk scoring based on OWASP's Top 10 for NHIs, and one-click revocation when secrets are exposed. Instead of logging into a dozen different platforms to piece together which service accounts exist and what they can access, you now get complete visibility and control from one place.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why your IAM platform isn't cutting it for machine identities
&lt;/h2&gt;

&lt;p&gt;Your IAM platform can be great at what it was designed to do. But it was designed in an era when "identity" meant Bob from accounting logging into Salesforce. It wasn't built for a world where your infrastructure runs on hundreds of service accounts, your data pipelines are orchestrated by API keys, and your AI agents are making autonomous decisions with privileged credentials.&lt;/p&gt;

&lt;p&gt;The problem isn't that these identities don't matter; they do. The issue is that your organization lacks clear visibility into everywhere they are:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Scattered across different secrets managers (because different teams picked different tools)&lt;/li&gt;
&lt;li&gt;Living in SaaS platforms your security team doesn't even know about&lt;/li&gt;
&lt;li&gt;Provisioned with way too many permissions because "we'll lock it down later"&lt;/li&gt;
&lt;li&gt;Never rotated because nobody's quite sure what will break if they do&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;And &lt;a href="https://www.gitguardian.com/state-of-secrets-sprawl-report-2025" rel="noopener noreferrer"&gt;70% of the secrets that leaked in 2022 are still active.&lt;/a&gt; Not because people don't care, but because they literally don't know those credentials exist.&lt;/p&gt;

&lt;h2&gt;
  
  
  What we're covering now (and why it matters)
&lt;/h2&gt;

&lt;p&gt;We've expanded our integration coverage across your entire infrastructure. Here's what's available and why each piece matters.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fklg05q6e7cdcpr4q2n1z.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fklg05q6e7cdcpr4q2n1z.png" alt="NHI Governance integrations overview" width="800" height="345"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  The foundation: Secrets managers
&lt;/h3&gt;

&lt;p&gt;First, we cover everywhere you're &lt;em&gt;supposed&lt;/em&gt; to be storing secrets:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Enterprise vaults&lt;/strong&gt;: HashiCorp Vault, CyberArk (both SaaS and self-hosted), Akeyless, Delinea Secret Server&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Cloud-native&lt;/strong&gt;: AWS Secrets Manager, Azure Key Vault, Google Cloud Secret Manager&lt;/p&gt;

&lt;p&gt;Our ggscout agent pulls metadata without ever touching the actual secret values. We hash everything locally before it leaves your environment, because the last thing you need is another tool that could leak your secrets.&lt;/p&gt;

&lt;h3&gt;
  
  
  Infrastructure &amp;amp; CI/CD: Where it all runs
&lt;/h3&gt;

&lt;p&gt;&lt;strong&gt;Kubernetes&lt;/strong&gt;: Service accounts and secrets across your clusters, because if you're running containerized workloads, these credentials are everywhere and notoriously hard to track.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;GitLab CI&lt;/strong&gt;: Pipeline credentials and job tokens that your CI/CD workflows depend on. These often have elevated permissions and rarely get rotated.&lt;/p&gt;

&lt;h3&gt;
  
  
  Cloud IAM: Because context is everything
&lt;/h3&gt;

&lt;p&gt;Knowing a credential exists is step one. Understanding what damage it could do? That's the real question you need answered at 2 AM during an incident.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Microsoft Entra ID&lt;/strong&gt;: We pull in users, service principals, managed identities, security groups—the whole picture. And we map out what permissions they actually have.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;AWS IAM&lt;/strong&gt;: Same deal. Users, roles, and groups, with full policy analysis.&lt;/p&gt;

&lt;p&gt;Both of these use OIDC authentication. Why? Because we're not going to tell you to eliminate long-lived secrets while using them ourselves for integrations.&lt;/p&gt;

&lt;p&gt;The platform automatically figures out which credentials are the highest risk, like that leaked API key that has admin access to your entire AWS environment. Those bubble to the top.&lt;/p&gt;

&lt;h3&gt;
  
  
  The stuff that keeps you up at night: SaaS platforms
&lt;/h3&gt;

&lt;p&gt;This is where it gets interesting, because this is where traditional IAM tools just... stop. But it's also where a ton of your sensitive data actually lives.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;AI platforms&lt;/strong&gt; (Anthropic, OpenAI): With everyone rushing to build AI features, these API keys are multiplying like rabbits. We need to know where they are and who's using them.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Workflow automation&lt;/strong&gt; (N8n, Airbyte): These tools are the "plumbing" of modern infrastructure. They have credentials that touch everything.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Observability&lt;/strong&gt; (Datadog): Your monitoring tools have the keys to your entire infrastructure. If those get compromised, attackers know everything about your environment before they even start.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Collaboration&lt;/strong&gt; (Slack): Bot tokens might seem low-risk until you realize they have access to every private channel where your engineers discuss security issues.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Data platforms&lt;/strong&gt; (Snowflake): This one's obvious. If you're storing customer data there, you need to know exactly which service accounts can access it.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Identity providers&lt;/strong&gt; (Okta, Auth0): Even your IdP has service accounts. They just happen to be the most privileged ones in your entire environment.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Artifact management&lt;/strong&gt; (JFrog): Credentials that can push to or pull from your artifact repositories, critical for supply chain security.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Business intelligence&lt;/strong&gt; (Metabase): Service accounts accessing your BI tools often have broad data access that needs governance.&lt;/p&gt;

&lt;h2&gt;
  
  
  What you can actually do with all this
&lt;/h2&gt;

&lt;p&gt;Building a giant inventory is neat, but if it just sits there, who cares? Here's what's different:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;One place to see everything&lt;/strong&gt;: Instead of logging into five different secrets managers, three cloud consoles, and a dozen SaaS admin panels, you get one view. Identity-first. You pick the service account, you see everywhere it exists, everything it can access, and everyone who's using it.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Automatic risk scoring&lt;/strong&gt;: We built this on OWASP's Top 10 for NHIs because that's the framework everyone's using. The platform automatically flags:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Leaked secrets (we're pretty good at finding those)&lt;/li&gt;
&lt;li&gt;Secrets living in both production and dev&lt;/li&gt;
&lt;li&gt;The same credential used in multiple places&lt;/li&gt;
&lt;li&gt;Secrets that haven't been rotated in forever&lt;/li&gt;
&lt;li&gt;Orphaned accounts that nobody owns anymore&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;The graph view that actually helps&lt;/strong&gt;: When you find a compromised credential, the platform shows you the whole dependency chain. What services are using it? What data can they access? What will break if you revoke it? This is the stuff that used to take hours of Slack messages and emergency meetings.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Kill switch for leaked secrets&lt;/strong&gt;: For GitHub, GitLab, and OpenAI secrets, when we detect exposure, you can revoke them with one click. Right from the alert. No copying tokens, no logging into different consoles, no delay while attackers are already poking around.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Metrics that matter&lt;/strong&gt;: MTTR for secret remediation. Policy compliance trends. Secrets' age distribution. The stuff your manager actually wants to see when they ask, "How are we doing on this?"&lt;/p&gt;

&lt;h2&gt;
  
  
  This works in the real world
&lt;/h2&gt;

&lt;p&gt;We built this to be enterprise-ready from day one:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;ggscout never exposes your secret values&lt;/li&gt;
&lt;li&gt;OIDC auth means no long-lived integration credentials&lt;/li&gt;
&lt;li&gt;SOC 2 Type II compliant&lt;/li&gt;
&lt;li&gt;Self-hosted option for the "nothing leaves our datacenter" crowd&lt;/li&gt;
&lt;li&gt;Scales to thousands of integrations without turning into molasses&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Why this matters right now
&lt;/h2&gt;

&lt;p&gt;Regulators are starting to pay attention to machine identity governance. It's no longer enough to say "we manage our employees' access really well" while ignoring the 100x larger population of service accounts and API keys.&lt;/p&gt;

&lt;p&gt;The identity perimeter changed. Most security programs just haven't caught up yet.&lt;/p&gt;

&lt;p&gt;If you're a CISO, this gives you the visibility to actually answer when the board asks about your attack surface. With receipts.&lt;/p&gt;

&lt;p&gt;If you're an IAM lead, this lets you extend the same lifecycle governance you've built for humans to the machine identities that actually run your business.&lt;/p&gt;

&lt;p&gt;If you're a security architect building zero trust, this gives you the telemetry you need to validate that "never trust, always verify" actually means something.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://www.gitguardian.com/state-of-secrets-sprawl-report-2026" rel="noopener noreferrer"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgnu1iyufcaqh9u6haey1.png" alt="State of Secrets Sprawl 2026" width="800" height="359"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Getting started
&lt;/h2&gt;

&lt;p&gt;If you're already a GitGuardian NHI Governance customer:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Go to &lt;strong&gt;Settings &amp;gt; Integrations &amp;gt; Sources &amp;gt; NHI Governance&lt;/strong&gt;
&lt;/li&gt;
&lt;li&gt;Connect whatever platforms you use&lt;/li&gt;
&lt;li&gt;Start discovering what's been hiding in plain sight&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Not using us yet? &lt;a href="https://www.gitguardian.com/contact-us" rel="noopener noreferrer"&gt;Talk to our team&lt;/a&gt; or check out our &lt;a href="https://www.gitguardian.com/interactive-demo" rel="noopener noreferrer"&gt;interactive demo&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;Because at some point, we all need to admit that managing human identities while ignoring machine identities is like locking the front door while leaving every window open.&lt;/p&gt;

&lt;p&gt;Let's close those windows.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;GitGuardian provides secrets security and NHI governance for enterprises that are tired of machine identities being an afterthought. Learn more at &lt;a href="https://www.gitguardian.com/nhi-governance" rel="noopener noreferrer"&gt;gitguardian.com/nhi-governance&lt;/a&gt;.&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://www.gitguardian.com/interactive-demo" rel="noopener noreferrer"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmfcl8kw7m7jyjajdbra1.png" alt="GitGuardian Interactive Demo" width="800" height="332"&gt;&lt;/a&gt;&lt;/p&gt;

</description>
      <category>nhi</category>
      <category>security</category>
      <category>devsecops</category>
      <category>iam</category>
    </item>
    <item>
      <title>Trivy's March Supply Chain Attack Shows Where Secret Exposure Hurts Most</title>
      <dc:creator>Dwayne McDaniel</dc:creator>
      <pubDate>Mon, 08 Jun 2026 11:58:05 +0000</pubDate>
      <link>https://dev.to/gitguardian/trivys-march-supply-chain-attack-shows-where-secret-exposure-hurts-most-hfg</link>
      <guid>https://dev.to/gitguardian/trivys-march-supply-chain-attack-shows-where-secret-exposure-hurts-most-hfg</guid>
      <description>&lt;blockquote&gt;
&lt;p&gt;&lt;strong&gt;Update:&lt;/strong&gt; On March 24, the campaign moved to PyPI. The Litellm packages in versions 1.82.7 and 1.82.8 have been poisoned with the same infostealer malware as the one used in the original campaign, and later on NPM.&lt;/p&gt;

&lt;p&gt;A new exfiltration endpoint is used: &lt;a href="https://models.litellm%5B.%5Dcloud/" rel="noopener noreferrer"&gt;https://models.litellm[.]cloud/&lt;/a&gt;&lt;br&gt;
Other IoCs stay the same.&lt;/p&gt;

&lt;p&gt;On March 24, the campaign targeted Checkmarx KICS scanner and poisoned it with an infostealer.&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;The Trivy story is moving quickly, and the latest reporting makes one thing clear: this is no longer just a GitHub Actions tag hijack. What started as a compromise of &lt;em&gt;trivy-action&lt;/em&gt;, &lt;em&gt;setup-trivy&lt;/em&gt;, and the v0.69.4 release has expanded into malicious Docker Hub images, a suspected service-account compromise spanning Aqua's internal GitHub organization. Researchers tied the new artifacts to the same TeamPCP infostealer seen earlier in the campaign, and Aqua has said the March 19 incident reused credentials retained from the previous breach because remediation was not fully atomic.&lt;/p&gt;

&lt;p&gt;That matters because it sharpens the contrast with &lt;a href="https://blog.gitguardian.com/shai-hulud-2/" rel="noopener noreferrer"&gt;Shai Hulud&lt;/a&gt;. Both attacks targeted the CI/CD pipeline. Both went after secrets instead of the application itself. Both used GitHub as a practical exfiltration surface because GitHub traffic looks routine in engineering environments. But Trivy looks like a fast-moving credential theft campaign that keeps finding new ways to capitalize on. Shai Hulud was a broader supply chain operation designed to persist, propagate, and cause downstream damage.&lt;/p&gt;

&lt;h2&gt;
  
  
  Attack Timeline
&lt;/h2&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fh0a9173eawcqfugb4qfe.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fh0a9173eawcqfugb4qfe.png" alt="The attack path and timeline" width="800" height="407"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;The attack path and timeline&lt;/em&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  Late February 2026 — Initial CI Compromise
&lt;/h3&gt;

&lt;p&gt;An automated bot ("hackerbot-claw") exploited a misconfigured workflow, stealing a privileged Personal Access Token (PAT) from the CI environment. Using that credential, the attacker pushed a malicious artifact to the Trivy VS Code extension on Open VSX.&lt;/p&gt;

&lt;h3&gt;
  
  
  March 1, 2026 — First Disclosure &amp;amp; Partial Remediation
&lt;/h3&gt;

&lt;p&gt;Aqua Security publicly disclosed the incident via a GitHub discussion and rotated credentials. However, &lt;strong&gt;subsequent investigation revealed the rotation was incomplete&lt;/strong&gt;, leaving residual access paths still open to the attacker.&lt;/p&gt;

&lt;h3&gt;
  
  
  March 19, 2026 — Supply-Chain Weaponization
&lt;/h3&gt;

&lt;p&gt;Using still-valid credentials and a compromised aqua-bot service account, the attacker published a malicious Trivy binary release (v0.69.4) and force-pushed malicious commits to 75–76 of 77 tags in aquasecurity/trivy-action and all 7 tags in aquasecurity/setup-trivy, silently turning pinned tags into payload delivery channels. The injected payload contained two Python infostealers. One was specially crafted to run on a CI/CD runner and exfiltrated sensitive elements from the runner process memory and environment. The second stealer, more generic, exfiltrated SSH keys, cloud tokens, and other secrets, mostly collected from the local file system. Both payloads sent the information to an attacker-controlled domain or to public GitHub repositories as a backup channel.&lt;/p&gt;

&lt;h3&gt;
  
  
  March 20–22, 2026 — Public Post-Mortems &amp;amp; Guidance
&lt;/h3&gt;

&lt;p&gt;Aqua Security released detailed post-incident blogs with a formal attack timeline, indicators of compromise (IoCs), a list of compromised tags, and guidance for rotating CI/CD and cloud credentials.&lt;/p&gt;

&lt;h2&gt;
  
  
  Trivy was surgical. Shai Hulud was systemic.
&lt;/h2&gt;

&lt;p&gt;The original Trivy compromise was already serious. The attacker force-pushed 75 version tags into &lt;em&gt;aquasecurity/trivy-action&lt;/em&gt;, turning trusted version references into a malware-delivery path for any workflow pinned to a tag rather than a commit SHA. The payload harvested environment variables and secrets from runner memory, searched self-hosted systems for cloud and infrastructure credentials, encrypted the results, and exfiltrated them to attacker-controlled infrastructure or as a release file to public GitHub repositories created in the victim's own account under the name &lt;em&gt;tpcp-docs.&lt;/em&gt; Because the legitimate Trivy scan still ran afterward, many users would have seen normal output and missed the theft entirely.&lt;/p&gt;

&lt;p&gt;Shai Hulud 2.0 operated on a different level. It backdoored npm packages, used TruffleHog offensively to harvest local secrets, leveraged self-hosted GitHub runners as command-and-control infrastructure, propagated into downstream packages, and carried a destructive wiper. That is a bigger playbook and a wider blast radius. Trivy moved fast through trusted automation and harvested what it could reach. Shai Hulud was built to spread.&lt;/p&gt;

&lt;p&gt;The fresh reporting on Trivy makes that distinction even more useful. The campaign now appears to have expanded from GitHub Actions into Docker images and follow-on malware, including a worm that spreads through SSH keys and exposed Docker APIs, plus a Kubernetes wiper in specific environments. That does not make Trivy the same as Shai Hulud. It makes Trivy a good example of how a credential theft operation can evolve when remediation leaves one valid path behind.&lt;/p&gt;

&lt;h2&gt;
  
  
  The real lesson is remediation, not just detection
&lt;/h2&gt;

&lt;p&gt;The biggest takeaway here is not that secrets were stolen. That part is already obvious. &lt;strong&gt;The bigger lesson is that incomplete cleanup turns one breach into a campaign&lt;/strong&gt;. Aqua's own account of the incident points to compromised credentials retained from the earlier breach and a rotation process that did not fully sever access. In practice, that gap is the line between containment and recurrence.&lt;/p&gt;

&lt;p&gt;That is where strong secrets security stands out. Teams need to detect exposed credentials quickly, but detection is only the start. They also need to know which machine identities were reachable from that workflow, which of those secrets are still active, what each credential unlocks, and which ones must be rotated first to cut off attacker movement. &lt;strong&gt;Public monitoring matters&lt;/strong&gt; here because both Trivy and Shai Hulud used public GitHub repositories as part of the exfiltration path. &lt;strong&gt;Early alerting&lt;/strong&gt; matters because once an attacker starts harvesting secrets inside CI, every minute counts. &lt;strong&gt;Governance matters&lt;/strong&gt; because non-human identities, especially long-lived service accounts and PATs, create the bridges attackers use to move from one repo, org, or registry to the next.&lt;/p&gt;

&lt;p&gt;That is the sharper value proposition in this story. The teams that recover fastest are not the ones that merely discover a leak. They are the ones that can trace blast radius, prioritize rotation, verify remediation, and &lt;strong&gt;prove that the same credential cannot be reused tomorrow&lt;/strong&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why this matters now
&lt;/h2&gt;

&lt;p&gt;Trivy and Shai Hulud belong in the same conversation because they both show where modern supply chain attacks pay off. They do not need to own your application. They need to reach the systems that build, sign, scan, and deploy it. Once they get there, secrets do the rest.&lt;/p&gt;

&lt;p&gt;But they should not be described as the same kind of event. Shai Hulud was a sprawling, self-propagating supply chain operation. Trivy was initially a more surgical compromise of trusted automation, and the last 48 hours of reporting show what happens when that kind of operation meets incomplete remediation and a reusable service account. The result is not just one bad release. It is a long tail of exposure across GitHub Actions, Docker images, internal orgs, and cloud infrastructure.&lt;/p&gt;

&lt;p&gt;That is the story prospects should remember. The hard problem is no longer finding a secret after it leaks. &lt;strong&gt;The hard problem is stopping that secret from becoming the attacker's next foothold.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://www.gitguardian.com/interactive-demo" rel="noopener noreferrer"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmfcl8kw7m7jyjajdbra1.png" alt="GitGuardian Interactive Demo" width="800" height="332"&gt;&lt;/a&gt;&lt;/p&gt;

</description>
      <category>security</category>
      <category>supplychain</category>
      <category>devsecops</category>
      <category>cicd</category>
    </item>
    <item>
      <title>Top 10 Non-Human Identity Security Tools and Platforms for 2026</title>
      <dc:creator>Dwayne McDaniel</dc:creator>
      <pubDate>Fri, 05 Jun 2026 12:52:23 +0000</pubDate>
      <link>https://dev.to/gitguardian/top-10-non-human-identity-security-tools-and-platforms-for-2026-1mcc</link>
      <guid>https://dev.to/gitguardian/top-10-non-human-identity-security-tools-and-platforms-for-2026-1mcc</guid>
      <description>&lt;p&gt;&lt;strong&gt;TL;DR:&lt;/strong&gt; Non-human identities (service accounts, API keys, workload identities, certificates, OAuth apps, machine-to-machine access) now outnumber humans over 1:1 in most cloud-native orgs.&lt;br&gt;
The biggest security risks are unmanaged lifecycle, overprivileged access, and exposed credentials across SDLC and cloud environments, not just secret storage.&lt;/p&gt;

&lt;p&gt;The best NHI security tools in 2026 fall into four major categories:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Secrets Detection and Exposure Prevention&lt;/li&gt;
&lt;li&gt;NHI Lifecycle and Governance Platforms&lt;/li&gt;
&lt;li&gt;Machine Identity and Certificate Management&lt;/li&gt;
&lt;li&gt;Vault and Authorization Extensions&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;Most enterprises require layered coverage across detection, governance, and lifecycle automation. Adopting this multi-layered strategy enables organizations not only to find leaks but also to close the structural gaps that allow them to occur.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why Non-Human Identities Are the Fastest-Growing Attack Surface in 2026
&lt;/h2&gt;

&lt;p&gt;In 2026, attackers rarely try to "&lt;em&gt;hack passwords&lt;/em&gt;". Instead, they exploit the massive, often unmonitored web of non-human identities (NHIs) that power modern automation.&lt;/p&gt;

&lt;p&gt;They specifically look for hardcoded API keys, overprivileged service accounts, stale OAuth tokens, misconfigured workload identities, unrotated certificates, and shadow SaaS integrations that slip through the cracks of traditional security programs.&lt;/p&gt;

&lt;p&gt;This is a problem because machine identities far outnumber human users. However, most security programs rely on frameworks designed for human-centric access.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://blog.gitguardian.com/role-of-cisos-iam-nhi/" rel="noopener noreferrer"&gt;IAM Strategy for CISOs: Securing Non-Human Identities&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Thankfully, top non-human identity protection tools help secure this critical attack surface. By understanding the categories of enterprise NHI security solutions, you can build a strategy that provides complete visibility and robust security controls across your entire infrastructure.&lt;/p&gt;

&lt;h3&gt;
  
  
  What Do Non-Human Identities (NHIs) Include Today?
&lt;/h3&gt;

&lt;p&gt;Non-human identities are the digital identities used by machines, services, and applications to authenticate and communicate with other systems without human intervention. They include:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Service Accounts:&lt;/strong&gt; Specialized accounts used by operating systems and/or applications to run background processes and access local or network resources.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;API Keys and Tokens:&lt;/strong&gt; Credentials that allow software to communicate with external services and internal systems, acting as a kind of "&lt;em&gt;passport&lt;/em&gt;" for data exchange.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;SSH Keys:&lt;/strong&gt; Access credentials for the Secure Shell (SSH) protocol. They're commonly used to authenticate automated processes and privileged users to remote systems.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Certificates:&lt;/strong&gt; Digital documents that verify the identity of a machine, service, website, or individual user. They use public key infrastructure (PKI) to exchange sensitive data.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;OAuth Apps:&lt;/strong&gt; An authorization framework that allows apps to obtain delegated access to resources on behalf of a user or service, without exposing the underlying credentials.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Workload Identities:&lt;/strong&gt; A set of credentials assigned to specific cloud resources, like a Kubernetes cluster or cloud IAM roles, to define access limits within an environment.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Machine-to-Machine Access Credentials:&lt;/strong&gt; Any credential used by one automated system to authenticate with another. Examples include service tokens, client secrets, and shared keys embedded within automated processes.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;a href="https://www.gitguardian.com/whitepapers/managed-identities" rel="noopener noreferrer"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fo3xq70vhscxwqxfpcom5.png" alt="Managed Identities" width="800" height="389"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  Why This Problem Is Urgent Now
&lt;/h3&gt;

&lt;p&gt;Given the complexity of modern environments, a single security gap can lead to data breaches. As such, managing non-human identities is a primary concern for security teams.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Multi-Cloud Sprawl:&lt;/strong&gt; Organizations now distribute workloads across AWS, Azure, GCP, and more, creating fragmented identity silos that are difficult to monitor.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Kubernetes and Ephemeral Workloads:&lt;/strong&gt; The rise of containers means identities are often created and destroyed in seconds, making manual tracking impossible.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;SaaS-to-SaaS Integrations:&lt;/strong&gt; Modern businesses rely on a web of interconnected tools, each requiring its own set of OAuth tokens and permissions.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;CI/CD Automation:&lt;/strong&gt; Rapid deployment cycles require high-speed access to sensitive credentials. Oftentimes, these keys are hardcoded or poorly managed in the software development cycle, and devastating security breaches become a reality.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;AI Agents and Autonomous Services:&lt;/strong&gt; Supposedly secure AI agents build their own identities to perform tasks, which further expands the non-human attack surface.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Credential-based attacks are one of the most common initial access vectors for cyber threats. Because of this, the non-human identity lifecycle is a top priority for risk reduction.&lt;/p&gt;

&lt;h2&gt;
  
  
  Key Capabilities of Modern NHI Security Platforms
&lt;/h2&gt;

&lt;p&gt;Modern NHI security platforms provide a comprehensive layer of protection across the entire identity management landscape. The best ones include five key capabilities:&lt;/p&gt;

&lt;h3&gt;
  
  
  1. Discovery and Inventory
&lt;/h3&gt;

&lt;p&gt;You can't secure what you can't see. Leading non-human identity security solutions provide complete visibility by cataloging every machine identity in use. This includes the detection of shadow service accounts that developers create outside of official channels. It also includes coverage across SaaS and cloud environments, and cross-environment mapping that connects identities to resources.&lt;/p&gt;

&lt;h3&gt;
  
  
  2. Exposure Detection
&lt;/h3&gt;

&lt;p&gt;This capability finds sensitive credentials where they shouldn't be. Platforms scan git history and monitor public repositories to ensure secrets haven't leaked. They also provide continuous monitoring during the development process by integrating with developer workflows and CI/CD pipelines. Doing so enforces security policies before code reaches production.&lt;/p&gt;

&lt;h3&gt;
  
  
  3. Lifecycle Management
&lt;/h3&gt;

&lt;p&gt;To properly manage the &lt;a href="https://blog.gitguardian.com/identity-lifecycle-management-for-nhis/" rel="noopener noreferrer"&gt;non-human identity lifecycle&lt;/a&gt;, streamline the "&lt;em&gt;birth, life, and death&lt;/em&gt;" of credentials. This includes automating secret rotation and certificate renewals to ensure that no identity remains active longer than necessary. The platform should also provide workflows for revoking credentials and monitor for upcoming expirations to prevent service outages.&lt;/p&gt;

&lt;h3&gt;
  
  
  4. Authorization and Least Privilege
&lt;/h3&gt;

&lt;p&gt;Many NHIs receive excessive privileges. Top security platforms use access relationship mapping and identity graphs to visualize what each identity can access. By detecting overprivileged accounts, they help teams enforce least-privilege policies and reduce the potential impact of a compromised account. As such, this capability is essential.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://blog.gitguardian.com/principle-of-least-privilege-nhis/" rel="noopener noreferrer"&gt;Why the Principle of Least Privilege Is Critical for Non-Human Identities&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  5. Governance and Compliance
&lt;/h3&gt;

&lt;p&gt;To meet regulatory compliance standards such as SOC 2 and ISO 27001, organizations need detailed audit trails and reporting. Non-human identity management tools provide risk scoring for different identities, helping teams prioritize those that need attention. In addition, reporting dashboards offer a high-level view of the organization's security posture. This makes it easier to demonstrate control to auditors, ensure compliance, and avoid expensive fines.&lt;/p&gt;

&lt;p&gt;Now that we've covered key capabilities, let's analyze top NHI security platforms in 2026—starting with the leader in secrets detection and NHI exposure prevention.&lt;/p&gt;

&lt;h2&gt;
  
  
  Top NHI Security Tools and Platforms for 2026
&lt;/h2&gt;

&lt;p&gt;The market for machine identity security tools has matured. The solutions below represent the best options across detection, governance, lifecycle management, and authorization.&lt;/p&gt;

&lt;p&gt;Here's what each does well, where they fall short, and who each platform is best suited for:&lt;/p&gt;

&lt;h3&gt;
  
  
  1) GitGuardian
&lt;/h3&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fts889kr42whyh61121i0.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fts889kr42whyh61121i0.png" alt="GitGuardian for NHI security" width="799" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Category:&lt;/strong&gt; Enterprise Secrets, Security, and NHI Exposure Intelligence&lt;/p&gt;

&lt;p&gt;GitGuardian is an enterprise-grade secrets-detection and non-human identity protection tool. It was built to prevent credential-based security breaches at scale and delivers an unmatched breadth of exposure detection across public and internal repositories, collaboration tools, and CI/CD systems. As such, it provides deep secrets intelligence and governance for large DevSecOps organizations in a wide range of industries.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Key Features:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Exposure Detection Excellence:&lt;/strong&gt; Scans full git history for all internal and public repositories in real time, continuously monitors public GitHub for external exposure, and covers multiple source types, including multiple VCS, CI/CD pipelines, and collaboration tools.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Secrets Intelligence:&lt;/strong&gt; Delivers analytics on secret hygiene and distribution across the organization, including secret validity analysis, exposure window tracking, identification of unused and stale secrets, and risk-based prioritization with breach policy enforcement.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Vault Integration Mastery:&lt;/strong&gt; Integrates with major platforms like HashiCorp Vault and CyberArk, and acts as a "&lt;em&gt;single source of truth&lt;/em&gt;" across vault and non-vault environments. That way, developers can migrate hardcoded secrets into secure storage systems. It also rates alignment between detection workflows and vault lifecycle controls.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Proven Detection Accuracy:&lt;/strong&gt; Uses ML-enhanced detection combined with entropy analysis and contextual validation to deliver a high signal-to-noise ratio with reduced false positives. In addition, continuous detector updates cover cloud providers, SaaS platforms, internal tokens, and custom patterns to stay current with new credential types.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Agentic AI Security:&lt;/strong&gt; Protects your organization across the entire AI value chain, from AI-powered CLI tools to autonomous agents running in production. As such, GitGuardian minimizes vibe coding risks, LLM exposure, AI agent sprawl, and risky developer endpoints.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Pros of GitGuardian:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Unmatched breadth of detection across public and internal sources.&lt;/li&gt;
&lt;li&gt;Advanced secrets intelligence for effective risk prioritization.&lt;/li&gt;
&lt;li&gt;Strong integration with existing vault ecosystems.&lt;/li&gt;
&lt;li&gt;High detection accuracy with low false positives.&lt;/li&gt;
&lt;li&gt;Enterprise-ready governance and reporting.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Cons of GitGuardian:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;GitGuardian specializes in exposure detection and prevention, not full privileged access management. So, your desired use case will determine product fit.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Pricing:&lt;/strong&gt; The "&lt;em&gt;Starter&lt;/em&gt;" tier is free, while the "&lt;em&gt;Teams&lt;/em&gt;" and "&lt;em&gt;Custom&lt;/em&gt;" tiers offer individual pricing.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Enterprise Fit:&lt;/strong&gt; Well-designed for mid-market and enterprise organizations in multi-cloud, Kubernetes-heavy, and CI/CD-driven environments that require scalable exposure detection, secrets intelligence analytics, and vault-aligned remediation workflows to reduce breach risk.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Website:&lt;/strong&gt; &lt;a href="https://www.gitguardian.com/" rel="noopener noreferrer"&gt;https://www.gitguardian.com&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  2) Astrix Security
&lt;/h3&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ft3pi5g3n3oj74f04jt6o.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ft3pi5g3n3oj74f04jt6o.png" alt="Astrix for NHI security" width="799" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Category:&lt;/strong&gt; SaaS and OAuth NHI Governance&lt;/p&gt;

&lt;p&gt;Astrix focuses on discovering and securing non-human identities across SaaS environments. It is particularly strong at managing OAuth apps and third-party integrations that bypass traditional identity providers. These capabilities make it a strong option for NHI governance.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Key Features:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;SaaS Identity Discovery:&lt;/strong&gt; Automatically maps connections between SaaS tools.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;OAuth App Inventory:&lt;/strong&gt; Provides a detailed risk analysis of every third-party app connected to the corporate environment, improving security.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Shadow SaaS Detection:&lt;/strong&gt; Identifies integrations added without approval from the IT or security team, so they can be eliminated for security reasons.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Token Exposure Visibility:&lt;/strong&gt; Tracks where OAuth tokens might be exposed or misused.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Pros of Astrix:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Focused NIH-first approach.&lt;/li&gt;
&lt;li&gt;Deep visibility into SaaS-to-SaaS communication.&lt;/li&gt;
&lt;li&gt;Strong governance controls, specifically for OAuth.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Cons of Astrix:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;While Astrix includes secret scanning capabilities, the platform's architecture prioritizes SaaS governance and third-party risk over developer-native SDLC prevention. Detection depth and developer workflow integration may not match specialized secrets platforms.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Pricing:&lt;/strong&gt; Enterprise-tier pricing for commercial SaaS companies.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Enterprise Fit:&lt;/strong&gt; Strong for organizations with complex SaaS ecosystems and OAuth sprawl.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Website:&lt;/strong&gt; &lt;a href="https://astrix.security/" rel="noopener noreferrer"&gt;https://astrix.security/&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  3) Clutch Security
&lt;/h3&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Frhsktxyxs0uui5ctq4uk.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Frhsktxyxs0uui5ctq4uk.png" alt="Clutch for NHI security" width="799" height="423"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Category:&lt;/strong&gt; NHI Governance Platform&lt;/p&gt;

&lt;p&gt;Clutch is built on two philosophical principles: zero trust enforcement and ephemeral, short-lived credentials. It uses these philosophies to provide centralized visibility and governance over non-human identities across cloud &lt;em&gt;and&lt;/em&gt; SaaS environments.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Key Features:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Machine Identity Discovery:&lt;/strong&gt; Builds a complete inventory of machine-related identities.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Risk Prioritization:&lt;/strong&gt; Ranks identities based on their potential risk to critical resources.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Policy Enforcement:&lt;/strong&gt; Allows security teams to set and enforce global policies for NHIs.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Lifecycle Visibility:&lt;/strong&gt; Tracks the status of identities throughout their entire existence.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Pros of Clutch:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Strong focus on governance and an identity-first architecture.&lt;/li&gt;
&lt;li&gt;Good fit for large enterprises with complex compliance needs.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Cons of Clutch:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Clutch Security offers less developer-workflow-native detection compared to secret scanning specialists. This is a turn-off to some enterprise organizations.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Pricing:&lt;/strong&gt; Enterprise SaaS pricing.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Enterprise Fit:&lt;/strong&gt; Suitable for enterprise teams that need NHI governance and policy enforcement.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Website:&lt;/strong&gt; &lt;a href="https://www.clutch.security/" rel="noopener noreferrer"&gt;https://www.clutch.security/&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  4) Oasis Security
&lt;/h3&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F8nhvwta5cgbk2lipfcup.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F8nhvwta5cgbk2lipfcup.png" alt="Oasis for NHI security" width="799" height="423"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Category:&lt;/strong&gt; Non-Human Identities Security Platform&lt;/p&gt;

&lt;p&gt;Oasis Security delivers discovery, inventory, and risk management for non-human identities across various cloud and SaaS ecosystems. Its main goal is to help teams understand the "&lt;em&gt;who, what, and where&lt;/em&gt;" of machine access so they can act accordingly.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Key Features:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;NHI Mapping:&lt;/strong&gt; Visualizes relationships between identities and cloud resources.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Credential Risk Analysis:&lt;/strong&gt; Evaluates the strength and security of existing credentials.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Exposure Tracking:&lt;/strong&gt; Monitors systems for signs of compromised or leaked credentials.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Governance Reporting:&lt;/strong&gt; Generates reports to assist with regulatory compliance.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Pros of Oasis Security:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Focused NHI security approach.&lt;/li&gt;
&lt;li&gt;Strong multi-environment discovery.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Cons of Oasis Security:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Oasis Security's exposure detection features may not be as deep or specialized as dedicated secret-scanning vendors. So, potential customers might prefer other options.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Pricing:&lt;/strong&gt; Enterprise-tier pricing for commercial SaaS.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Enterprise Fit:&lt;/strong&gt; Solid for a dedicated NHI security platform with multi-cloud discovery needs.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Website:&lt;/strong&gt; &lt;a href="https://www.oasis.security/" rel="noopener noreferrer"&gt;https://www.oasis.security/&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  5) Entro Security
&lt;/h3&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmm68dxz7adyg3jx21qh8.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmm68dxz7adyg3jx21qh8.png" alt="Entro for NHI security" width="799" height="423"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Category:&lt;/strong&gt; Machine Identity Management Solutions&lt;/p&gt;

&lt;p&gt;Entro provides machine identity discovery and lifecycle management to reduce secret sprawl and unmanaged credentials. The platform provides visibility into where secrets exist, what lifecycle stage they're in, and how to maintain a clean identity posture across environments.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Key Features:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Secret Sprawl Discovery:&lt;/strong&gt; Finds unmanaged secrets scattered across the environment.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;NHI Inventory:&lt;/strong&gt; Keeps a running list of every machine identity.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Lifecycle Governance:&lt;/strong&gt; Manages credential rotation and expiration.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Risk Posture Monitoring:&lt;/strong&gt; Continuously assesses the security status of all NHIs.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Pros of Entro:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Strong lifecycle visibility allows users to maintain excellent identity hygiene.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Cons of Entro:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Entro wasn't specifically designed for SDLC-based exposure detection. It's also less focused on developer-native prevention, which could lead to unexpected breaches.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Pricing:&lt;/strong&gt; Enterprise SaaS pricing.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Enterprise Fit:&lt;/strong&gt; An ideal solution for lifecycle governance and machine identity management.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Website:&lt;/strong&gt; &lt;a href="https://entro.security/" rel="noopener noreferrer"&gt;https://entro.security/&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  6) Veza
&lt;/h3&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkop3rldwkpy59gh3mpjt.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkop3rldwkpy59gh3mpjt.png" alt="Veza for NHI security" width="799" height="423"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Category:&lt;/strong&gt; Authorization and Identity Governance&lt;/p&gt;

&lt;p&gt;Veza delivers authorization graph intelligence to map and manage identity relationships across systems. For non-human identities, this means visibility into service account permissions, overprivileged workload identities, and access relationships that span multiple cloud and enterprise systems. In a nutshell, Veza answers the question, "&lt;em&gt;Who has access to what data?&lt;/em&gt;"&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Key Features:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Access Relationship Mapping:&lt;/strong&gt; Uses identity graphs to visualize complex permissions.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Overprivilege Detection:&lt;/strong&gt; Highlights accounts with more access than they actually use.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Policy Governance:&lt;/strong&gt; Helps teams create and enforce consistent access policies.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Pros of Veza:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Deep authorization intelligence and powerful visualization.&lt;/li&gt;
&lt;li&gt;Strong enterprise governance capabilities.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Cons of Veza:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;While Veza solves the "&lt;em&gt;access governance&lt;/em&gt;" problem, it doesn't find leaked keys. As such, Veza isn't a secret detection platform, so some users might prefer a different app.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Pricing:&lt;/strong&gt; Enterprise commercial pricing.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Enterprise Fit:&lt;/strong&gt; Best for enterprises that need to manage access management complexity and enforce least privilege across human and non-human identities.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Website:&lt;/strong&gt; &lt;a href="https://veza.com/" rel="noopener noreferrer"&gt;https://veza.com/&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  7) Apono
&lt;/h3&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fd53qfv8m6obphowgh938.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fd53qfv8m6obphowgh938.png" alt="Apono for NHI security" width="799" height="423"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Category:&lt;/strong&gt; Cloud Access Governance&lt;/p&gt;

&lt;p&gt;Apono concentrates on just-in-time (JIT) access and privilege management. It helps minimize the risk of "&lt;em&gt;standing privileges&lt;/em&gt;" across environments, including service accounts and workloads.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Key Features:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;JIT Access Provisioning:&lt;/strong&gt; Grants limited-time access when it's needed, not before.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Cloud IAM Governance:&lt;/strong&gt; Manages roles and permissions within AWS, Azure, and GCP.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Temporary Credential Automation:&lt;/strong&gt; Automates the creation of short-lived access keys.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Access Workflows:&lt;/strong&gt; Provides a structured way to request and approve machine access.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Pros of Apono:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Reduces the attack surface by enforcing least-privilege principles via JIT access.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Cons of Apono:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Apono is not a tool for scanning code or detecting leaked secrets. For access to these features, you'll need another app, which will increase your tech budget.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Pricing:&lt;/strong&gt; Enterprise SaaS pricing.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Enterprise Fit:&lt;/strong&gt; A strong addition for enterprise teams that want to reduce standing access and implement time-bound credential models in a reliable way.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Website:&lt;/strong&gt; &lt;a href="https://www.apono.io/" rel="noopener noreferrer"&gt;https://www.apono.io/&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  8) Aembit
&lt;/h3&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fiazwjx6b5w1cwlwlyu8k.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fiazwjx6b5w1cwlwlyu8k.png" alt="Aembit for NHI security" width="799" height="423"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Category:&lt;/strong&gt; Workload Identity Security Tools&lt;/p&gt;

&lt;p&gt;Aembit provides identity federation and access control for secure communication between machines and workloads. It helps eliminate long-lived static credentials by replacing them with short-lived, workload-attested tokens, thus reducing the risk of credential theft and misuse.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Key Features:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Workload Identity Federation:&lt;/strong&gt; Allows workloads to trust other identities securely.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Access Policy Enforcement:&lt;/strong&gt; Defines which services can talk to one another.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Secure Service-to-Service Authentication:&lt;/strong&gt; Ensures that machine-to-machine communication is verified and prevents unauthorized data leaks.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Pros of Aembit:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;A strong workload identity security model that aligns with cloud-native architectures.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Cons of Aembit:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Aembit doesn't scan code repositories for existing leaked credentials. If you've already experienced a data breach, Aembit won't help you recover.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Pricing:&lt;/strong&gt; Enterprise-tier pricing for commercial SaaS.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Enterprise Fit:&lt;/strong&gt; Well-suited for cloud-native and Kubernetes-heavy organizations that plan to modernize their organization's workload identity security tools.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Website:&lt;/strong&gt; &lt;a href="https://aembit.io/" rel="noopener noreferrer"&gt;https://aembit.io/&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  9) AppViewX
&lt;/h3&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F9b4xzm3c6vae42b7moaa.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F9b4xzm3c6vae42b7moaa.png" alt="AppViewX for NHI security" width="799" height="423"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Category:&lt;/strong&gt; Certificate Lifecycle and PKI Automation&lt;/p&gt;

&lt;p&gt;AppViewX specializes in certificate lifecycle management and PKI automation for enterprises, especially those managing large and complex machine identity environments. With digital certificates underpinning most machine-to-machine communication, expiry monitoring and automated renewal workflows are critical to security and uptime.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Key Features:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Certificate Discovery:&lt;/strong&gt; Inventories certificates across networks to prevent outages.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;PKI Orchestration:&lt;/strong&gt; Automates the deployment and management of certificates.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Expiry Monitoring:&lt;/strong&gt; Alerts teams before certificates expire to ensure security.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Compliance Reporting:&lt;/strong&gt; Tracks certificate usage for audit purposes.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Pros of AppViewX:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Best-in-class certificate automation and enterprise PKI support.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Cons of AppViewX:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;AppViewX does a fantastic job on certificates, but it doesn't do much else. For a tool that can handle the full breadth of NHI types, like API keys or OAuth apps, look elsewhere.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Pricing:&lt;/strong&gt; Enterprise commercial pricing.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Enterprise Fit:&lt;/strong&gt; A solid option for complex certificate environments and PKI compliance needs.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Website:&lt;/strong&gt; &lt;a href="https://www.appviewx.com/" rel="noopener noreferrer"&gt;https://www.appviewx.com/&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Implementation Strategy for Enterprise NHI Security
&lt;/h2&gt;

&lt;p&gt;Deploying non-human identity security tools requires a phased approach to minimize critical risks and build long-term operational efficiency. Here's the three-step process we recommend:&lt;/p&gt;

&lt;h3&gt;
  
  
  Phase 1: Exposure Risk Elimination (Immediate Risk Reduction)
&lt;/h3&gt;

&lt;p&gt;Many breaches begin with an exposed credential, according to &lt;a href="https://www.verizon.com/business/resources/reports/dbir/" rel="noopener noreferrer"&gt;Verizon's 2025 DBIR&lt;/a&gt;. With that in mind, your first goal is to reduce the likelihood of these breaches within the first 90 days. Focus on identifying and removing already-exposed sensitive credentials.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Priority Actions&lt;/strong&gt;: Implement continuous scanning of source code repositories (including full git history), real-time monitoring of CI/CD, public repository exposure detection, centralized triage and remediation workflows, and established MTTR targets for leaked secrets.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Executive Outcome&lt;/strong&gt;: A reduced external attack surface, faster remediation cycles, and immediate measurable breach-risk reduction to deliver peak ROI in the short-term.&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  Phase 2: Comprehensive NHI Inventory and Governance
&lt;/h3&gt;

&lt;p&gt;Once you put the "&lt;em&gt;fires&lt;/em&gt;" out, you can shift your approach and eliminate blind spots.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Priority Actions&lt;/strong&gt;: Catalog all NHIs, from service accounts and API keys to certificates and OAuth apps; map identity-to-resource access relationships; establish identity ownership models across AppSec, IAM, and Platform teams; and define enterprise-wide NHI policies, like least privilege, rotation frequency, and approval workflows.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Executive Outcome&lt;/strong&gt;: Reduced systemic identity risk, clear accountability for machine identities, and a stronger audit posture for SOC 2, ISO 27001, and PCI DSS standards. That way, NHI risk becomes a governed security domain, not an operational issue.&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  Phase 3: Lifecycle Automation and Preventive Controls
&lt;/h3&gt;

&lt;p&gt;Finally, you can build a mature environment that prioritizes preventative identity security. Even better, you can automate these processes to ensure security at all times.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Priority Actions:&lt;/strong&gt; Implement automated secret rotation and expiration enforcement, just-in-time (JIT) access provisioning for machine identities, certificate lifecycle automation and renewal, vault-backed secret storage standardization, and continuous policy validation across multi-cloud and SaaS environments.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Executive outcome&lt;/strong&gt;: The elimination of standing credential risk, a reduced manual workload for security teams, sustainable compliance and audit readiness, and improved resilience against lateral movement attacks. Put simply, this phase embeds NHI security into your cloud operating model rather than treating it as a scanning function.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  The Future of NHI Security in 2026 and Beyond
&lt;/h2&gt;

&lt;p&gt;The NHI security space is evolving quickly, with several trends emerging.&lt;/p&gt;

&lt;p&gt;First, AI agents autonomously create identities, which poses challenges for security teams. As AI-driven services proliferate, the ability to secure AI agents and their associated identities becomes a baseline requirement rather than an advanced capability.&lt;/p&gt;

&lt;p&gt;We are also seeing a move toward continuous identity graph monitoring, in which every relationship is mapped in real time. Organizations need immediate visibility into identity relationships and access paths, not periodic access reviews, which are all too common.&lt;/p&gt;

&lt;p&gt;Last but not least, the lines between tool categories are blurring, as secrets detection becomes integrated with governance and reactive scanning shifts to preventative lifecycle automation. After all, it's better to prevent credential exposure than respond to a breach.&lt;/p&gt;

&lt;p&gt;To stay ahead of cyber threats, we suggest layering a best-of-breed NHI security tool with your existing pipeline stack. GitGuardian is a strong option for enterprises, offering top-level governance and remediation features on a single platform. &lt;a href="https://www.gitguardian.com/book-a-demo" rel="noopener noreferrer"&gt;Book a free demo of GitGuardian today&lt;/a&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  FAQs About Non-Human Identity Management Tools
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;What's the difference between NHI exposure detection and NHI governance?&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;NHI exposure detection focuses on identifying leaked or hardcoded credentials across repositories, CI/CD pipelines, collaboration tools, and public sources. NHI governance goes further by managing the lifecycle of machine identities through access controls, rotation policies, and least-privilege enforcement. Mature security programs require both layers to reduce machine identity risk and prevent credential misuse.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;How do we determine whether we need a secrets security platform or an NHI platform?&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;If your primary concern is preventing exposed API keys, tokens, or credentials in code and pipelines, a secrets-security platform is the right starting point. If your organization faces challenges with overprivileged service accounts, unmanaged OAuth integrations, or large-scale machine identity sprawl across cloud and SaaS systems, broader NHI governance capabilities are necessary to manage the full machine identity lifecycle.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;How does NHI security integrate with existing IAM, PAM, and vault solutions?&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Modern NHI security platforms integrate with IAM providers such as AWS IAM, Azure AD, and Google Cloud IAM, as well as PAM and vault solutions like HashiCorp Vault and CyberArk. Detection systems identify exposed or unmanaged credentials, while vault platforms securely store and rotate them. Together, these integrations ensure secrets are detected, migrated, and governed within secure lifecycle-controlled systems.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;How do NHI security tools scale across multi-cloud and Kubernetes environments?&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Enterprise-grade NHI platforms rely on API-based integrations to continuously discover and inventory machine identities across cloud environments and Kubernetes clusters. Centralized visibility, automated discovery, and policy enforcement allow organizations to manage hundreds of repositories and thousands of workloads without manual oversight.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;What ROI can enterprises expect from investing in NHI security?&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;The primary return on investment comes from preventing credential-based breaches, one of the most common attack paths in modern environments. Additional benefits include reduced incident response costs, stronger compliance posture, improved prioritization of remediation activities, and lower operational overhead through automation.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Are open-source secret scanning tools sufficient for enterprise environments?&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Open-source scanners can provide baseline detection within developer workflows. However, they often lack centralized governance, public monitoring, advanced prioritization, remediation orchestration, and compliance reporting. Many enterprises combine OSS tools for local scanning with enterprise platforms that provide organization-wide visibility and policy enforcement.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;What does a mature NHI security program look like in 2026?&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Mature programs combine continuous secret exposure detection, centralized NHI inventory, lifecycle automation with credential rotation and expiration, least-privilege access controls, certificate management, and compliance-ready reporting. Leading organizations layer detection, governance, and vault-backed storage to achieve end-to-end machine identity protection.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://www.gitguardian.com/interactive-demo" rel="noopener noreferrer"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmfcl8kw7m7jyjajdbra1.png" alt="GitGuardian Interactive Demo" width="800" height="332"&gt;&lt;/a&gt;&lt;/p&gt;

</description>
      <category>nhi</category>
      <category>security</category>
      <category>devsecops</category>
      <category>devops</category>
    </item>
    <item>
      <title>Key Leaks, Vault Failures, and TEE Attacks: Highlights from RWC 2026</title>
      <dc:creator>Dwayne McDaniel</dc:creator>
      <pubDate>Thu, 04 Jun 2026 14:17:15 +0000</pubDate>
      <link>https://dev.to/gitguardian/key-leaks-vault-failures-and-tee-attacks-highlights-from-rwc-2026-1o08</link>
      <guid>https://dev.to/gitguardian/key-leaks-vault-failures-and-tee-attacks-highlights-from-rwc-2026-1o08</guid>
      <description>&lt;p&gt;In early March, the GitGuardian cybersecurity research team joined several hundred cryptographers, security engineers, and practitioners in Taipei for the tenth edition of the Real World Cryptography Symposium (RWC 2026). Held from March 9 to 11, the conference lived up to its name: three dense days of talks grounded in the reality of production-deployed crypto-systems.&lt;/p&gt;

&lt;p&gt;Beyond oolong drinking and the night markets, Taipei had more serious business to offer: GitGuardian was there to present our own research. We took the stage on Day 3 to share the findings behind "&lt;a href="https://blog.gitguardian.com/certificates-exposed-a-google-gitguardian-study/" rel="noopener noreferrer"&gt;Private Key Leaks in the Wild&lt;/a&gt;", mapping 945,560 leaked private keys to 139,767 certificates through Certificate Transparency logs, evidence that key material escaping into the wild is not a niche incident but a systemic problem.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fd94v5qfhehixb3x21svw.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fd94v5qfhehixb3x21svw.png" alt="Extract from GitGuardian's presentation: four to five thousand certificates are compromised every year because of a leaked private key" width="800" height="452"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Extract from GitGuardian's presentation: four to five thousand certificates are compromised every year because of a leaked private key.&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;Across the three days, recurring themes emerged: the industry-wide migration toward post-quantum algorithms and its hard engineering trade-offs; formal verification maturing into a practical tool; privacy-enhancing technologies finding their way into production systems; and secure channels and PKI infrastructure proving more fragile than assumed. All talks are worth a read or a replay, and the recordings are already available online.&lt;/p&gt;

&lt;p&gt;This article, however, focuses on what resonated most with GitGuardian.&lt;/p&gt;

&lt;h2&gt;
  
  
  When secret managers fail: a cryptography nightmare
&lt;/h2&gt;

&lt;p&gt;Matteo Scarlata and Giovanni Torrisi represented their team of four researchers in this presentation about password managers' security. Their talk was titled Zero Knowledge (About) Encryption, a pointed jab at the "zero-knowledge" marketing promise that cloud-based password managers like Bitwarden, LastPass, and Dashlane use to sell themselves: the claim that the provider never sees your plaintext secrets. This is usually the definition of what is called end-to-end encryption (E2E).&lt;/p&gt;

&lt;p&gt;This research focused on studying the security of four cloud-based password managers under the E2E encryption hypothesis, especially in a malicious server attack model. Matteo Scarlata et al demonstrated serious attacks against all four password managers. 27 attacks in total. Most issues stem from a weak cryptography protocol, especially related to "advanced" features:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Key recovery&lt;/li&gt;
&lt;li&gt;Partial vault synchronization&lt;/li&gt;
&lt;li&gt;Secret sharing&lt;/li&gt;
&lt;li&gt;Backward compatibility&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Notable attacks included:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;BitWarden's server being able to enforce the key recovery for any client, recovering a master decryption key.&lt;/li&gt;
&lt;li&gt;Servers acting as a public key server for password sharing, where they can provide malicious keys to recover shared passwords.&lt;/li&gt;
&lt;li&gt;Password leak through favicon resolution resulting from field-level encryption and no key separation (LastPass, Bitwarden).&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;The full paper backing this research &lt;a href="https://zkae.io/" rel="noopener noreferrer"&gt;is available online&lt;/a&gt; and is a must-read.&lt;/p&gt;

&lt;p&gt;Password-based authentication has been an open problem for decades now, and this research shows that this is still the case, despite the existing vaults and other storage solutions. The whole industry has been pushing toward vaults and password managers to manage authentication secrets, which makes sense considering the state of authentication. That said, this research reminds us that the threat model of a compromised vault is important to consider.&lt;/p&gt;

&lt;p&gt;Under the assumption of a compromised secret vault, having a good understanding of one's own secret landscape is paramount, a situation where NHI governance and secrets observability can help.&lt;/p&gt;

&lt;h2&gt;
  
  
  Should you trust your trusted execution environment?
&lt;/h2&gt;

&lt;p&gt;Somehow on the same line, Christina Garman and Daniel Genkin presented their talk "TEE.fail: Breaking Trusted Execution Environments via Memory Bus Interposition", where they also found and exploited vulnerabilities in a technology everyone would deem the state-of-the-art of security: trusted execution environments. They targeted both AMD and Intel's latest TEE technologies, which shifted significantly in how they are implemented. Especially, both now rely on AES-XTS for memory encryption, which offers no integrity protection.&lt;/p&gt;

&lt;p&gt;Through a brilliant live demonstration, Christina and her team showed how, using hobbyist-level hardware, it is possible to set up an interposition attack on a server's physical memory. They later used this setup to recover private keys from the TEE in an otherwise simple attack.&lt;/p&gt;

&lt;p&gt;Although the threat model for this attack is quite convoluted, making it difficult to perform outside a state-sponsored operation, and, more specifically, an adversarial law enforcement situation, this talk puts some perspective on best-of-breed security mechanisms. As showcased with the password safes example above, even the best-protected secrets can leak, and we should keep that in mind when designing our risk analysis.&lt;/p&gt;

&lt;h2&gt;
  
  
  The tools are not enough
&lt;/h2&gt;

&lt;p&gt;In one rather interesting talk, Yubiko's Christopher Harrell explored a fundamentally interesting question: how did we get from a mostly-unencrypted internet to 95% of Chrome page loads being HTTPS? His main point is that it did not occur in a blast after a single breakthrough: the cryptography to make it happen has been as old as the internet itself. However, real adoption stemmed from a mix of policies, standards evolution, or accessible infrastructure (Let's Encrypt in that case).&lt;/p&gt;

&lt;p&gt;Harrell then traced the same pattern through human identities and authentication, with the example of passkeys and FIDO. Human authentication has gone through three recognizable phases:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Shared secrets (passwords)&lt;/li&gt;
&lt;li&gt;Second factors (mostly TOTP and SMS OTP)&lt;/li&gt;
&lt;li&gt;Device-bound phishing-resistant credentials (Passkeys, FIDO)&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Similar to the encryption on the Internet, while the technology required for secure human authentication exists, the adoption is not there yet.&lt;/p&gt;

&lt;p&gt;What resonated particularly with GitGuardian's activities is how we can parallel human authentication evolutions to the Non-Human Identities world. Non-human identities (the API keys, service account passwords, and OAuth tokens that machine-to-machine communication relies on) are still largely stuck in phase one. Long-lived API keys are, functionally, passwords: static, shareable, leak-prone, and with no equivalent of origin binding. OAuth tokens represent an improvement analogous to MFA, but they remain stealable and, in many configurations, reusable beyond their intended context.&lt;/p&gt;

&lt;p&gt;The FIDO moment for non-human identities has not arrived yet, and the scale of the problem is already visible in the data. As showcased in the State of Secret Sprawl report, the number of leaked secrets, largely linked to NHIs, has never been higher. While the technology evolves, hopefully, before we get locked in the insecure defaults, you'd better be equipped with a good secret security solution.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://www.gitguardian.com/state-of-secrets-sprawl-report-2026" rel="noopener noreferrer"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgnu1iyufcaqh9u6haey1.png" alt="State of Secrets Sprawl 2026" width="800" height="359"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Until next time
&lt;/h2&gt;

&lt;p&gt;There is so much more that could be told about the content that was presented at RWC 2026, and so many more presentations are worth watching – just like Nadia Heninger's talk about the encryption technologies used in space and technical debt, a topic that could very much find parallels in the NHIs world. If you want to know more, the slides of all the presentations are available &lt;a href="https://realworldcrypto.iacr.org/2026/program.php" rel="noopener noreferrer"&gt;on the conference website&lt;/a&gt;. Video recordings should also be made available soon.&lt;/p&gt;

&lt;p&gt;We can only hope GitGuardian's research team will be able to attend Real World Crypto again in the future. Presenting at such a conference is an honor, and we need to thank the organizers and chairmen for allowing us to promote our work there this year.&lt;/p&gt;

&lt;p&gt;Until next time, if you want to have a peek at GitGuardian research topics and results, now is the perfect time to have a look at our &lt;a href="https://blog.gitguardian.com/the-state-of-secrets-sprawl-2026/" rel="noopener noreferrer"&gt;fresh release of the State of Secret Sprawl report&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://www.gitguardian.com/interactive-demo?ref=blog.gitguardian.com" rel="noopener noreferrer"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmfcl8kw7m7jyjajdbra1.png" alt="GitGuardian Interactive Demo" width="800" height="332"&gt;&lt;/a&gt;&lt;/p&gt;

</description>
      <category>security</category>
      <category>cryptography</category>
      <category>conference</category>
      <category>secrets</category>
    </item>
  </channel>
</rss>
