Safeguard
Tag

credentials

Safeguard articles tagged "credentials" — guides, analysis, and best practices for software supply chain and application security.

10 articles

Container Security

Docker Secrets Management: Stop Baking Credentials Into Images

A secret written into a Docker layer is recoverable forever, even after you delete it. Learn the build-time and runtime patterns that keep credentials out of your images entirely.

Jul 6, 20266 min read
Security Guides

Database Credential Security (2026 Guide)

Database credentials are the last door between an attacker and your data. This guide covers eliminating static passwords with IAM auth, scoping least privilege, rotating safely, and detecting leaked connection strings.

Jul 4, 20266 min read
Tutorials

How to Scan for Secrets in a Git Repository

Find hardcoded API keys, tokens, and credentials in your working tree and full Git history, stop new leaks at commit time, and remediate a secret that has already been pushed.

Jul 4, 20266 min read
DevSecOps

Jenkins Pipeline Security: Hardening the Controller and Your Builds

Jenkins is a favorite target because the controller holds every credential and runs arbitrary Groovy. This guide covers CVE-2024-23897, the plugin attack surface, credential handling, ephemeral agents, and adding scanning.

Jul 3, 20266 min read
Concepts

What Is Secrets Management?

Secrets management is the practice of securely storing, distributing, rotating, and auditing the credentials your software needs to run. Here's how it works, why leaked secrets are a top breach vector, and how to get it right in 2026.

Jul 1, 20267 min read
Application Security

Best Secrets Detection Tools: 2026 Buyer's Guide

A field comparison of the best secrets detection tools in 2026 across precision, secret variety, and CI integration for teams hardening their supply chain.

Mar 27, 20265 min read
Concepts

What Is Authentication

Authentication is how a system proves you are who you claim to be. Here is what it means, how it works, the factors involved, and why it is the foundation of every access decision.

Jul 9, 20246 min read
Best Practices

Azure Managed Identities and the Supply Chain

Managed identities are the credential primitive that fixes most supply chain risk in Azure — but only if you use them the way the service actually intends.

Feb 14, 20248 min read
DevSecOps

CI/CD Secret Sprawl: How Pipeline Credentials Become Your Biggest Risk

Your CI/CD pipeline has more credentials than your production environment. Secret sprawl across pipelines creates a massive attack surface that most teams cannot even inventory.

Jul 20, 20235 min read
DevSecOps

Git Credential Security for Organizations: Locking Down Source Access

Git credentials are the keys to your source code. Here is how organizations should manage them to prevent unauthorized access and credential theft.

Mar 8, 20234 min read
credentials — Safeguard Blog