Safeguard
Tag

secret-scanning

Safeguard articles tagged "secret-scanning" — guides, analysis, and best practices for software supply chain and application security.

21 articles

Application Security

Secret scanning coverage: GHAS's ~200 patterns vs broader...

GHAS matches secrets against ~200 partner patterns. We break down where that coverage ends and how Safeguard's layered detection catches what pattern lists miss.

Jul 3, 20268 min read
Buyer's Guides

What GitHub Advanced Security actually includes now that ...

GitHub split Advanced Security into Secret Protection and Code Security in April 2025. Here's what each product covers, what it costs, and where the gaps still are.

Jul 2, 20267 min read
Application Security

GitHub Secret Protection deep dive: push protection, cust...

How GitHub Secret Protection's push protection, custom patterns, and validity checks actually work post-GHAS split, and where the coverage gaps still leave secrets exposed.

Jul 2, 20267 min read
Application Security

How GitHub used secret scanning to reach 'inbox zero' on ...

GitHub spent nine months clearing 20,000+ secret scanning alerts across 15,000 repos, finding 90% were noise. Here's how they beat alert fatigue, and how Safeguard automates it.

Jul 1, 20267 min read
Application Security

Reducing false positives in secret scanning with context-...

Regex-based secret scanners like GitHub Advanced Security flood teams with false positives. Here's how context-aware LLM reasoning cuts the noise without missing real leaked credentials.

Jul 1, 20267 min read
Best Practices

6 free GitHub security settings every maintainer should e...

GitHub Advanced Security costs per committer, but six free GitHub repository security settings — from 2FA to secret scanning — already stop most real-world supply chain attacks.

Jul 1, 20267 min read
Product

GitHub for Beginners: getting started with GitHub securit...

A beginner's guide to GitHub's free security tools, what GitHub Advanced Security actually adds, its 2025 pricing shift, and the supply chain gaps neither one covers.

Jun 30, 20267 min read
Product

GitHub Advanced Security setup made simple: guided config...

GitHub Advanced Security setup takes weeks, not clicks. Here's what GHAS configuration really involves, what it costs in 2026, and how Safeguard cuts the tuning work.

Jun 30, 20268 min read
Product

GitHub Advanced Security for Azure DevOps: general availa...

GitHub Advanced Security for Azure DevOps hit GA on June 1, 2023 at $49/committer/month. Here's what it covers, what it misses, and how Safeguard fills the gaps.

Jun 30, 20267 min read
Application Security

Secrets detection and remediation best practices

Leaked API keys still cause breaches within minutes. Here's how secrets detection and remediation should work in practice, and where scanner-only tools fall short.

Jun 26, 20268 min read
Application Security

Secrets management: tools and best practices

Secrets leak because of workflow gaps, not carelessness. Here's how vaults, scanners, and rotation policies actually stop credential exposure.

May 16, 20267 min read
Buyer's Guides

Aikido vs Gitleaks: is a maintained alternative worth it?

Gitleaks catches secrets; Aikido aggregates scanners. Neither maps exposures to supply chain risk the way a dedicated platform like Safeguard does.

May 5, 20267 min read
secret-scanning — Safeguard Blog