credentials
Safeguard articles tagged "credentials" — guides, analysis, and best practices for software supply chain and application security.
10 articles
Docker Secrets Management: Stop Baking Credentials Into Images
A secret written into a Docker layer is recoverable forever, even after you delete it. Learn the build-time and runtime patterns that keep credentials out of your images entirely.
Database Credential Security (2026 Guide)
Database credentials are the last door between an attacker and your data. This guide covers eliminating static passwords with IAM auth, scoping least privilege, rotating safely, and detecting leaked connection strings.
How to Scan for Secrets in a Git Repository
Find hardcoded API keys, tokens, and credentials in your working tree and full Git history, stop new leaks at commit time, and remediate a secret that has already been pushed.
Jenkins Pipeline Security: Hardening the Controller and Your Builds
Jenkins is a favorite target because the controller holds every credential and runs arbitrary Groovy. This guide covers CVE-2024-23897, the plugin attack surface, credential handling, ephemeral agents, and adding scanning.
What Is Secrets Management?
Secrets management is the practice of securely storing, distributing, rotating, and auditing the credentials your software needs to run. Here's how it works, why leaked secrets are a top breach vector, and how to get it right in 2026.
Best Secrets Detection Tools: 2026 Buyer's Guide
A field comparison of the best secrets detection tools in 2026 across precision, secret variety, and CI integration for teams hardening their supply chain.
What Is Authentication
Authentication is how a system proves you are who you claim to be. Here is what it means, how it works, the factors involved, and why it is the foundation of every access decision.
Azure Managed Identities and the Supply Chain
Managed identities are the credential primitive that fixes most supply chain risk in Azure — but only if you use them the way the service actually intends.
CI/CD Secret Sprawl: How Pipeline Credentials Become Your Biggest Risk
Your CI/CD pipeline has more credentials than your production environment. Secret sprawl across pipelines creates a massive attack surface that most teams cannot even inventory.
Git Credential Security for Organizations: Locking Down Source Access
Git credentials are the keys to your source code. Here is how organizations should manage them to prevent unauthorized access and credential theft.